Nginx reverse proxy WITHOUT 80 and 443 port #6177

txwdzxq · 2023-05-01T08:15:00Z

txwdzxq
May 1, 2023

I use Docker to run the code-server on 8080
is worked.

server {
    listen 443 ssl http2;

    add_header access-control-allow-origin *;
    add_header timing-allow-origin *;

    server_name                 test1.domain.com;
    ssl_certificate             test1.domain.com.pem;
    ssl_certificate_key         test1.domain.com.key;

    location / {
                proxy_pass       http://127.0.0.1:8080;
                proxy_set_header Host $host;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection upgrade;
                proxy_set_header Accept-Encoding gzip;
    }
}

But now , for some reason I can't use port 443

server {
    listen 1443 ssl http2;

    add_header access-control-allow-origin *;
    add_header timing-allow-origin *;

    server_name                 test2.domain.com;
    ssl_certificate             test2.domain.com.pem;
    ssl_certificate_key         test2.domain.com.key;
    ssl_prefer_server_ciphers   on;

    location / {
                proxy_pass       http://127.0.0.1:8080;
                proxy_set_header Host $host;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection upgrade;
                proxy_set_header Accept-Encoding gzip;
    }
}

An error occurred:

and in chrome console:

any idea?

Answered by code-asher

May 1, 2023

To provide some more details, when origin is set it must be a valid URL and must match the host header (to prevent some cross-origin attacks).

So if the origin is http://test.domain.com then the host must be exactly test.domain.com. Or as another example if the origin is https://test.domain.com:1234 then the host must be exactly test.domain.com:1234. If the check fails then you get forbidden.

Usually proxy_set_header Host $host; is sufficient but you might need proxy_set_header Host $http_host; instead.

View full answer

code-asher · 2023-05-01T15:55:22Z

code-asher
May 1, 2023
Maintainer

In the console what code are you getting for the web socket? Is it a 401? If so could you run with --log debug and see what code-server tells you about the host and origin headers?

5 replies

txwdzxq May 1, 2023
Author

I just logged in normally and clicking reload will refresh the page, then repeat this error.
I am using Docker to start the code server. How can I use the --log debug to provide more detailed information

[17:35:03] Extension host agent started.
[17:35:03] Started initializing default profile extensions in extensions installation folder. file:///root/.local/share/code-server/extensions
[17:35:03] Completed initializing default profile extensions in extensions installation folder. file:///root/.local/share/code-server/extensions
[17:35:06] [172.18.0.1][5a917823][ManagementConnection] New connection established.
[17:35:06] Using the in-memory credential store as the operating system's credential store could not be accessed. Please see https://aka.ms/vscode-server-keyring on how to set this up. Details: libsecret-1.so.0: cannot open shared object file: No such file or directory
[17:35:07] [172.18.0.1][e6ba8771][ExtensionHostConnection] New connection established.
[17:35:07] [172.18.0.1][e6ba8771][ExtensionHostConnection] <892> Launched Extension Host Process.
[17:35:25] [172.18.0.1][5a917823][ManagementConnection] The client has disconnected gracefully, so the connection will be disposed.
[17:35:25] [172.18.0.1][e6ba8771][ExtensionHostConnection] <892> Extension Host Process exited with code: 0, signal: null.
[2023-05-01T17:36:00.207Z] error Forbidden HttpError: Forbidden
    at ensureOrigin (/usr/lib/code-server/out/node/http.js:295:15)
    at wrapped (/usr/lib/code-server/out/node/wsRouter.js:64:24)
    at Layer.handle [as handle_request] (/usr/lib/code-server/node_modules/router/lib/layer.js:102:15)
    at next (/usr/lib/code-server/node_modules/router/lib/route.js:144:13)
    at Route.dispatch (/usr/lib/code-server/node_modules/router/lib/route.js:109:3)
    at handle (/usr/lib/code-server/node_modules/router/index.js:515:11)
    at Layer.handle [as handle_request] (/usr/lib/code-server/node_modules/router/lib/layer.js:102:15)
    at /usr/lib/code-server/node_modules/router/index.js:291:22
    at param (/usr/lib/code-server/node_modules/router/index.js:368:14)
    at param (/usr/lib/code-server/node_modules/router/index.js:379:14)
    at Function.process_params (/usr/lib/code-server/node_modules/router/index.js:424:3)
    at next (/usr/lib/code-server/node_modules/router/index.js:285:10)
    at Function.handle (/usr/lib/code-server/node_modules/router/index.js:184:3)
    at router (/usr/lib/code-server/node_modules/router/index.js:59:12)
    at Layer.handle [as handle_request] (/usr/lib/code-server/node_modules/router/lib/layer.js:102:15)
    at trim_prefix (/usr/lib/code-server/node_modules/router/index.js:330:13)
    at /usr/lib/code-server/node_modules/router/index.js:294:7
    at Function.process_params (/usr/lib/code-server/node_modules/router/index.js:349:12)
    at Immediate.next (/usr/lib/code-server/node_modules/router/index.js:285:10)
    at Immediate.<anonymous> (/usr/lib/code-server/node_modules/router/index.js:671:15)
    at processImmediate (node:internal/timers:468:21)
[2023-05-01T17:36:00.450Z] error Forbidden HttpError: Forbidden
    at ensureOrigin (/usr/lib/code-server/out/node/http.js:295:15)
    at wrapped (/usr/lib/code-server/out/node/wsRouter.js:64:24)
    at Layer.handle [as handle_request] (/usr/lib/code-server/node_modules/router/lib/layer.js:102:15)
    at next (/usr/lib/code-server/node_modules/router/lib/route.js:144:13)
    at Route.dispatch (/usr/lib/code-server/node_modules/router/lib/route.js:109:3)
    at handle (/usr/lib/code-server/node_modules/router/index.js:515:11)
    at Layer.handle [as handle_request] (/usr/lib/code-server/node_modules/router/lib/layer.js:102:15)
    at /usr/lib/code-server/node_modules/router/index.js:291:22
    at param (/usr/lib/code-server/node_modules/router/index.js:368:14)
    at param (/usr/lib/code-server/node_modules/router/index.js:379:14)
    at Function.process_params (/usr/lib/code-server/node_modules/router/index.js:424:3)
    at next (/usr/lib/code-server/node_modules/router/index.js:285:10)
    at Function.handle (/usr/lib/code-server/node_modules/router/index.js:184:3)
    at router (/usr/lib/code-server/node_modules/router/index.js:59:12)
    at Layer.handle [as handle_request] (/usr/lib/code-server/node_modules/router/lib/layer.js:102:15)
    at trim_prefix (/usr/lib/code-server/node_modules/router/index.js:330:13)
    at /usr/lib/code-server/node_modules/router/index.js:294:7
    at Function.process_params (/usr/lib/code-server/node_modules/router/index.js:349:12)
    at Immediate.next (/usr/lib/code-server/node_modules/router/index.js:285:10)
    at Immediate.<anonymous> (/usr/lib/code-server/node_modules/router/index.js:671:15)
    at processImmediate (node:internal/timers:468:21)
[2023-05-01T17:36:00.593Z] error Forbidden HttpError: Forbidden
    at ensureOrigin (/usr/lib/code-server/out/node/http.js:295:15)
    at wrapped (/usr/lib/code-server/out/node/wsRouter.js:64:24)
    at Layer.handle [as handle_request] (/usr/lib/code-server/node_modules/router/lib/layer.js:102:15)
    at next (/usr/lib/code-server/node_modules/router/lib/route.js:144:13)
    at Route.dispatch (/usr/lib/code-server/node_modules/router/lib/route.js:109:3)
    at handle (/usr/lib/code-server/node_modules/router/index.js:515:11)
    at Layer.handle [as handle_request] (/usr/lib/code-server/node_modules/router/lib/layer.js:102:15)
    at /usr/lib/code-server/node_modules/router/index.js:291:22
    at param (/usr/lib/code-server/node_modules/router/index.js:368:14)
    at param (/usr/lib/code-server/node_modules/router/index.js:379:14)
    at Function.process_params (/usr/lib/code-server/node_modules/router/index.js:424:3)
    at next (/usr/lib/code-server/node_modules/router/index.js:285:10)
    at Function.handle (/usr/lib/code-server/node_modules/router/index.js:184:3)
    at router (/usr/lib/code-server/node_modules/router/index.js:59:12)
    at Layer.handle [as handle_request] (/usr/lib/code-server/node_modules/router/lib/layer.js:102:15)
    at trim_prefix (/usr/lib/code-server/node_modules/router/index.js:330:13)
    at /usr/lib/code-server/node_modules/router/index.js:294:7
    at Function.process_params (/usr/lib/code-server/node_modules/router/index.js:349:12)
    at Immediate.next (/usr/lib/code-server/node_modules/router/index.js:285:10)
    at Immediate.<anonymous> (/usr/lib/code-server/node_modules/router/index.js:671:15)
    at processImmediate (node:internal/timers:468:21)
[2023-05-01T17:36:00.788Z] error Forbidden HttpError: Forbidden
    at ensureOrigin (/usr/lib/code-server/out/node/http.js:295:15)
    at wrapped (/usr/lib/code-server/out/node/wsRouter.js:64:24)
    at Layer.handle [as handle_request] (/usr/lib/code-server/node_modules/router/lib/layer.js:102:15)
    at next (/usr/lib/code-server/node_modules/router/lib/route.js:144:13)
    at Route.dispatch (/usr/lib/code-server/node_modules/router/lib/route.js:109:3)
    at handle (/usr/lib/code-server/node_modules/router/index.js:515:11)
    at Layer.handle [as handle_request] (/usr/lib/code-server/node_modules/router/lib/layer.js:102:15)
    at /usr/lib/code-server/node_modules/router/index.js:291:22
    at param (/usr/lib/code-server/node_modules/router/index.js:368:14)
    at param (/usr/lib/code-server/node_modules/router/index.js:379:14)
    at Function.process_params (/usr/lib/code-server/node_modules/router/index.js:424:3)
    at next (/usr/lib/code-server/node_modules/router/index.js:285:10)
    at Function.handle (/usr/lib/code-server/node_modules/router/index.js:184:3)
    at router (/usr/lib/code-server/node_modules/router/index.js:59:12)
    at Layer.handle [as handle_request] (/usr/lib/code-server/node_modules/router/lib/layer.js:102:15)
    at trim_prefix (/usr/lib/code-server/node_modules/router/index.js:330:13)
    at /usr/lib/code-server/node_modules/router/index.js:294:7
    at Function.process_params (/usr/lib/code-server/node_modules/router/index.js:349:12)
    at Immediate.next (/usr/lib/code-server/node_modules/router/index.js:285:10)
    at Immediate.<anonymous> (/usr/lib/code-server/node_modules/router/index.js:671:15)
    at processImmediate (node:internal/timers:468:21)
[2023-05-01T17:36:00.929Z] error Forbidden HttpError: Forbidden
    at ensureOrigin (/usr/lib/code-server/out/node/http.js:295:15)
    at wrapped (/usr/lib/code-server/out/node/wsRouter.js:64:24)
    at Layer.handle [as handle_request] (/usr/lib/code-server/node_modules/router/lib/layer.js:102:15)
    at next (/usr/lib/code-server/node_modules/router/lib/route.js:144:13)
    at Route.dispatch (/usr/lib/code-server/node_modules/router/lib/route.js:109:3)
    at handle (/usr/lib/code-server/node_modules/router/index.js:515:11)
    at Layer.handle [as handle_request] (/usr/lib/code-server/node_modules/router/lib/layer.js:102:15)
    at /usr/lib/code-server/node_modules/router/index.js:291:22
    at param (/usr/lib/code-server/node_modules/router/index.js:368:14)
    at param (/usr/lib/code-server/node_modules/router/index.js:379:14)
    at Function.process_params (/usr/lib/code-server/node_modules/router/index.js:424:3)
    at next (/usr/lib/code-server/node_modules/router/index.js:285:10)
    at Function.handle (/usr/lib/code-server/node_modules/router/index.js:184:3)
    at router (/usr/lib/code-server/node_modules/router/index.js:59:12)
    at Layer.handle [as handle_request] (/usr/lib/code-server/node_modules/router/lib/layer.js:102:15)
    at trim_prefix (/usr/lib/code-server/node_modules/router/index.js:330:13)
    at /usr/lib/code-server/node_modules/router/index.js:294:7
    at Function.process_params (/usr/lib/code-server/node_modules/router/index.js:349:12)
    at Immediate.next (/usr/lib/code-server/node_modules/router/index.js:285:10)
    at Immediate.<anonymous> (/usr/lib/code-server/node_modules/router/index.js:671:15)
    at processImmediate (node:internal/timers:468:21)
[2023-05-01T17:36:01.332Z] error Forbidden HttpError: Forbidden
    at ensureOrigin (/usr/lib/code-server/out/node/http.js:295:15)
    at wrapped (/usr/lib/code-server/out/node/wsRouter.js:64:24)
    at Layer.handle [as handle_request] (/usr/lib/code-server/node_modules/router/lib/layer.js:102:15)
    at next (/usr/lib/code-server/node_modules/router/lib/route.js:144:13)
    at Route.dispatch (/usr/lib/code-server/node_modules/router/lib/route.js:109:3)
    at handle (/usr/lib/code-server/node_modules/router/index.js:515:11)
    at Layer.handle [as handle_request] (/usr/lib/code-server/node_modules/router/lib/layer.js:102:15)
    at /usr/lib/code-server/node_modules/router/index.js:291:22
    at param (/usr/lib/code-server/node_modules/router/index.js:368:14)
    at param (/usr/lib/code-server/node_modules/router/index.js:379:14)
    at Function.process_params (/usr/lib/code-server/node_modules/router/index.js:424:3)
    at next (/usr/lib/code-server/node_modules/router/index.js:285:10)
    at Function.handle (/usr/lib/code-server/node_modules/router/index.js:184:3)
    at router (/usr/lib/code-server/node_modules/router/index.js:59:12)
    at Layer.handle [as handle_request] (/usr/lib/code-server/node_modules/router/lib/layer.js:102:15)
    at trim_prefix (/usr/lib/code-server/node_modules/router/index.js:330:13)
    at /usr/lib/code-server/node_modules/router/index.js:294:7
    at Function.process_params (/usr/lib/code-server/node_modules/router/index.js:349:12)
    at Immediate.next (/usr/lib/code-server/node_modules/router/index.js:285:10)
    at Immediate.<anonymous> (/usr/lib/code-server/node_modules/router/index.js:671:15)
    at processImmediate (node:internal/timers:468:21)
[2023-05-01T17:36:01.480Z] error Forbidden HttpError: Forbidden
    at ensureOrigin (/usr/lib/code-server/out/node/http.js:295:15)
    at wrapped (/usr/lib/code-server/out/node/wsRouter.js:64:24)
    at Layer.handle [as handle_request] (/usr/lib/code-server/node_modules/router/lib/layer.js:102:15)
    at next (/usr/lib/code-server/node_modules/router/lib/route.js:144:13)
    at Route.dispatch (/usr/lib/code-server/node_modules/router/lib/route.js:109:3)
    at handle (/usr/lib/code-server/node_modules/router/index.js:515:11)
    at Layer.handle [as handle_request] (/usr/lib/code-server/node_modules/router/lib/layer.js:102:15)
    at /usr/lib/code-server/node_modules/router/index.js:291:22
    at param (/usr/lib/code-server/node_modules/router/index.js:368:14)
    at param (/usr/lib/code-server/node_modules/router/index.js:379:14)
    at Function.process_params (/usr/lib/code-server/node_modules/router/index.js:424:3)
    at next (/usr/lib/code-server/node_modules/router/index.js:285:10)
    at Function.handle (/usr/lib/code-server/node_modules/router/index.js:184:3)
    at router (/usr/lib/code-server/node_modules/router/index.js:59:12)
    at Layer.handle [as handle_request] (/usr/lib/code-server/node_modules/router/lib/layer.js:102:15)
    at trim_prefix (/usr/lib/code-server/node_modules/router/index.js:330:13)
    at /usr/lib/code-server/node_modules/router/index.js:294:7
    at Function.process_params (/usr/lib/code-server/node_modules/router/index.js:349:12)
    at Immediate.next (/usr/lib/code-server/node_modules/router/index.js:285:10)
    at Immediate.<anonymous> (/usr/lib/code-server/node_modules/router/index.js:671:15)
    at processImmediate (node:internal/timers:468:21)
[2023-05-01T17:36:01.648Z] error Forbidden HttpError: Forbidden
    at ensureOrigin (/usr/lib/code-server/out/node/http.js:295:15)
    at wrapped (/usr/lib/code-server/out/node/wsRouter.js:64:24)
    at Layer.handle [as handle_request] (/usr/lib/code-server/node_modules/router/lib/layer.js:102:15)
    at next (/usr/lib/code-server/node_modules/router/lib/route.js:144:13)
    at Route.dispatch (/usr/lib/code-server/node_modules/router/lib/route.js:109:3)
    at handle (/usr/lib/code-server/node_modules/router/index.js:515:11)
    at Layer.handle [as handle_request] (/usr/lib/code-server/node_modules/router/lib/layer.js:102:15)
    at /usr/lib/code-server/node_modules/router/index.js:291:22
    at param (/usr/lib/code-server/node_modules/router/index.js:368:14)
    at param (/usr/lib/code-server/node_modules/router/index.js:379:14)
    at Function.process_params (/usr/lib/code-server/node_modules/router/index.js:424:3)
    at next (/usr/lib/code-server/node_modules/router/index.js:285:10)
    at Function.handle (/usr/lib/code-server/node_modules/router/index.js:184:3)
    at router (/usr/lib/code-server/node_modules/router/index.js:59:12)
    at Layer.handle [as handle_request] (/usr/lib/code-server/node_modules/router/lib/layer.js:102:15)
    at trim_prefix (/usr/lib/code-server/node_modules/router/index.js:330:13)
    at /usr/lib/code-server/node_modules/router/index.js:294:7
    at Function.process_params (/usr/lib/code-server/node_modules/router/index.js:349:12)
    at Immediate.next (/usr/lib/code-server/node_modules/router/index.js:285:10)
    at Immediate.<anonymous> (/usr/lib/code-server/node_modules/router/index.js:671:15)
    at processImmediate (node:internal/timers:468:21)
[2023-05-01T17:36:01.892Z] error Forbidden HttpError: Forbidden
    at ensureOrigin (/usr/lib/code-server/out/node/http.js:295:15)
    at wrapped (/usr/lib/code-server/out/node/wsRouter.js:64:24)
    at Layer.handle [as handle_request] (/usr/lib/code-server/node_modules/router/lib/layer.js:102:15)
    at next (/usr/lib/code-server/node_modules/router/lib/route.js:144:13)
    at Route.dispatch (/usr/lib/code-server/node_modules/router/lib/route.js:109:3)
    at handle (/usr/lib/code-server/node_modules/router/index.js:515:11)
    at Layer.handle [as handle_request] (/usr/lib/code-server/node_modules/router/lib/layer.js:102:15)
    at /usr/lib/code-server/node_modules/router/index.js:291:22
    at param (/usr/lib/code-server/node_modules/router/index.js:368:14)
    at param (/usr/lib/code-server/node_modules/router/index.js:379:14)
    at Function.process_params (/usr/lib/code-server/node_modules/router/index.js:424:3)
    at next (/usr/lib/code-server/node_modules/router/index.js:285:10)
    at Function.handle (/usr/lib/code-server/node_modules/router/index.js:184:3)
    at router (/usr/lib/code-server/node_modules/router/index.js:59:12)
    at Layer.handle [as handle_request] (/usr/lib/code-server/node_modules/router/lib/layer.js:102:15)
    at trim_prefix (/usr/lib/code-server/node_modules/router/index.js:330:13)
    at /usr/lib/code-server/node_modules/router/index.js:294:7
    at Function.process_params (/usr/lib/code-server/node_modules/router/index.js:349:12)
    at Immediate.next (/usr/lib/code-server/node_modules/router/index.js:285:10)
    at Immediate.<anonymous> (/usr/lib/code-server/node_modules/router/index.js:671:15)
    at processImmediate (node:internal/timers:468:21)
[2023-05-01T17:36:02.058Z] error Forbidden HttpError: Forbidden
    at ensureOrigin (/usr/lib/code-server/out/node/http.js:295:15)
    at wrapped (/usr/lib/code-server/out/node/wsRouter.js:64:24)
    at Layer.handle [as handle_request] (/usr/lib/code-server/node_modules/router/lib/layer.js:102:15)
    at next (/usr/lib/code-server/node_modules/router/lib/route.js:144:13)
    at Route.dispatch (/usr/lib/code-server/node_modules/router/lib/route.js:109:3)
    at handle (/usr/lib/code-server/node_modules/router/index.js:515:11)
    at Layer.handle [as handle_request] (/usr/lib/code-server/node_modules/router/lib/layer.js:102:15)
    at /usr/lib/code-server/node_modules/router/index.js:291:22
    at param (/usr/lib/code-server/node_modules/router/index.js:368:14)
    at param (/usr/lib/code-server/node_modules/router/index.js:379:14)
    at Function.process_params (/usr/lib/code-server/node_modules/router/index.js:424:3)
    at next (/usr/lib/code-server/node_modules/router/index.js:285:10)
    at Function.handle (/usr/lib/code-server/node_modules/router/index.js:184:3)
    at router (/usr/lib/code-server/node_modules/router/index.js:59:12)
    at Layer.handle [as handle_request] (/usr/lib/code-server/node_modules/router/lib/layer.js:102:15)
    at trim_prefix (/usr/lib/code-server/node_modules/router/index.js:330:13)
    at /usr/lib/code-server/node_modules/router/index.js:294:7
    at Function.process_params (/usr/lib/code-server/node_modules/router/index.js:349:12)
    at Immediate.next (/usr/lib/code-server/node_modules/router/index.js:285:10)
    at Immediate.<anonymous> (/usr/lib/code-server/node_modules/router/index.js:671:15)
    at processImmediate (node:internal/timers:468:21)
File not found: /usr/lib/code-server/lib/vscode/extensions/git-base/dist/browser/extension.js
File not found: /usr/lib/code-server/lib/vscode/extensions/merge-conflict/dist/browser/mergeConflictMain.js

code-asher May 1, 2023
Maintainer

Definitely looks like you are running afoul of the origin check.

It can depend on exactly how you run the container but for example: docker run codercom/code-server --log debug.

code-asher May 1, 2023
Maintainer

Also the origin logs were added in 4.12.0 so make sure you are running that version.

code-asher May 1, 2023
Maintainer

To provide some more details, when origin is set it must be a valid URL and must match the host header (to prevent some cross-origin attacks).

So if the origin is http://test.domain.com then the host must be exactly test.domain.com. Or as another example if the origin is https://test.domain.com:1234 then the host must be exactly test.domain.com:1234. If the check fails then you get forbidden.

Usually proxy_set_header Host $host; is sufficient but you might need proxy_set_header Host $http_host; instead.

Answer selected by txwdzxq

txwdzxq May 1, 2023
Author

As you said, I have modified nginx.config.
change
proxy_set_header Host $host
to
proxy_set_header Host $http_host
is worked.
Thank you so much.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Nginx reverse proxy WITHOUT 80 and 443 port #6177

Uh oh!

{{title}}

Uh oh!

Replies: 1 comment 5 replies

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{editor}}'s edit

{{editor}}'s edit

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{editor}}'s edit

{{editor}}'s edit

Uh oh!

Select a reply

Uh oh!

Nginx reverse proxy WITHOUT 80 and 443 port #6177

Uh oh!

txwdzxq May 1, 2023

Replies: 1 comment · 5 replies

Uh oh!

code-asher May 1, 2023 Maintainer

Uh oh!

txwdzxq May 1, 2023 Author

Uh oh!

code-asher May 1, 2023 Maintainer

Uh oh!

code-asher May 1, 2023 Maintainer

Uh oh!

Uh oh!

code-asher May 1, 2023 Maintainer

Uh oh!

Uh oh!

txwdzxq May 1, 2023 Author

txwdzxq
May 1, 2023

Replies: 1 comment 5 replies

code-asher
May 1, 2023
Maintainer

txwdzxq May 1, 2023
Author

code-asher May 1, 2023
Maintainer

code-asher May 1, 2023
Maintainer

code-asher May 1, 2023
Maintainer

txwdzxq May 1, 2023
Author