Docker Nginx Proxy Manager

Hello everyone,

Now that I can access Vikunja locally via
http://192.168.178.20:3456/ and was able to create an account there, I would like to take the next step and make Vikunja accessible from outside via Nginx Proxy Manager.
I already have:

  • One domain: vikunja.stratoDomain.eu
  • For this domain I removed the DNS rebind protection in my fritz.box
  • I have gone through the settings for the Nginx Proxy Manager as described here: Setup behind a reverse proxy. It looks like this for me:
    (But I have to admit that the DNS Challenge is active in the background. There is no other way to generate a certificate.)
Nginx Proxy Manager settings




  • I have adapted the Docker compose file as follows and then run it as a stack in portainer:
Portainer Stack

services:
  vikunja:
    image: vikunja/vikunja
    environment:
      VIKUNJA_SERVICE_PUBLICURL: https://vikunja.stratoDomain.eu/ # http://192.168.178.20
      VIKUNJA_DATABASE_HOST: db
      VIKUNJA_DATABASE_PASSWORD: test
      VIKUNJA_DATABASE_TYPE: mysql
      VIKUNJA_DATABASE_USER: vikunja
      VIKUNJA_DATABASE_DATABASE: vikunja
      VIKUNJA_SERVICE_JWTSECRET: test
    ports:
      - 3456:3456
    volumes:
      - /volume1/docker/vikunja/files:/app/vikunja/files
    depends_on:
      db:
        condition: service_healthy
    restart: unless-stopped

  db:
    image: mariadb:10
    command: --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
    environment:
      MYSQL_ROOT_PASSWORD: test
      MYSQL_USER: vikunja
      MYSQL_PASSWORD: test
      MYSQL_DATABASE: vikunja
    volumes:
      - /volume1/docker/vikunja/db:/var/lib/mysql
    restart: unless-stopped
    healthcheck:
      test: ["CMD-SHELL", "mysqladmin ping -h localhost -u $$MYSQL_USER --password=$$MYSQL_PASSWORD"]
      interval: 2s
      start_period: 30s

With these settings, Vikunja cannot be accessed via https://vikunja.stratoDomain.eu:MyForwardedHTTPSPort
Does anyone have any ideas what else I could try?

Can you verify that your DNS is working correctly?

OMG!
Many thanks for this pointer!!

I used Online Ping, Traceroute, DNS lookup, WHOIS, Port check, Reverse lookup, Proxy checker, Bandwidth meter, Network calculator, Network mask calculator, Country by IP, Unit converter to figure out that Strato “forgot” my subdomain settings (CNAME).

Now I reach
https://vikunja.stratoDomain.eu:MyOpenHTTPSPort

But I’m stuck in a loop :frowning:

Adding /api/v1 shows me:

{"message":"missing, malformed, expired or otherwise invalid token provided"}

Any idea what is meant with invalid token?

Is there anything in the dev tools?

That’s expected. The response comes from the api, that means you can reach it.

You’d need to pass a token as the Authorization header, which browsers don’t do unless you write code to do it.

Hi

Is there anything in the dev tools?

I don’t understand that :frowning: . Which development tools do you mean? What can I check and how? Do you have a link for me?
Do you mean the Development Section from the Vikunja Docs? Do you have a specific section in mind that I should check?

pass a token as the Authorization header

Do you have any instructions on how to do this?
And why is the behavior here different from when I access Vikunja locally via 192.168.x.x.:3456? I can access the login screen locally and can also log in after creating an account. Is there a technical reason for this?

The dev tools are actually built into your browser - no need to install anything. You can open them by:

  • In Chrome/Edge: Press F12 or right-click anywhere on the page and select “Inspect”
  • In Firefox: Press F12 or right-click and select “Inspect Element”

There should be a tab called “Console”. With that tab open, reload the page where you see the loading spinner. If there is something wrong, it should show up there.

The error with the Authorization header is something that Vikunja uses when you use Vikunja normally through its interface. You only see this error because you’re trying to access the API directly in your browser. You only need to use this directly when you’re programming tools to interact with Vikunja’s API directly.

The reason it works when you access it via 192.168.x.x:3456 is because you’re accessing the full Vikunja application there, which handles all the login stuff for you behind the scenes. When you try to access the API directly (/api/v1), you’re bypassing all of that, which is why you get the error.

Ah :bulb:

I wrote above that I am trapped in a loop.
I have just realized that this is apparently not quite right.

After a very, very long time, I end up at
https://vikunja.stratoDomain.eu:myOpenHTTPSPort
at this point:

Screenshots


after being stuck here for a long time:

I don’t want to call the API at all, I only tried it because I read something like that here in the forum and I hoped to get more information about it.

hm… probably the error is here (from the DEV section of the browser):

Cross-source (cross-origin) request blocked: The same-source rule prohibits reading the external resource at https://vikunja.stratoDomain.eu/api/v1/info. (Reason: CORS request failed). Status code: (null).
and

Cross-source (cross-origin) request blocked: The same-source rule prohibits reading the external resource on https://vikunja.stratoDomain.eu:3456/api/v1/info. (Reason: CORS request failed). Status code: (null).

I don’t understand this yet and need to read in. Help is welcome :slight_smile: See also the following comment.
But what I am also wondering here: Why does a mix between external domain and internal port occur here? This should actually be managed by NGINX Proxy Manager. But maybe that doesn’t matter.

What makes me wonder is that I have set up my https access to immich and vaultwarden in an almost identical way, which also works.

because you’re accessing the full Vikunja application there

Thank you for the explanation

Does your publicurl contain the port?


OMG ²

That was it - I needed to change it to
https://vikunja.startoDomain.eu:MyOpenHTTPSPort

I read (I think) somewhere that publicurl should be without Port. Therefore I didn’t try this before :-/

Thank you very much!
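
The mismatch resolved in this thread, as an added example that is not part of the original posts: it compares the origin (scheme, host, port) the browser loaded the page from with the configured public URL and with the API URLs from the console errors, and reports which component differs. The hostname `vikunja.example.eu` and the external port `8443` are constructed sample values standing in for the poster's domain and forwarded HTTPS port.

```javascript
// Added example: diagnose a public-URL / browser-origin mismatch.
// Hostname and external port below are constructed sample values.

// Default ports are implied by the scheme, so normalise them before comparing.
const DEFAULT_PORTS = { "http:": "80", "https:": "443" };

function originParts(raw) {
  const u = new URL(raw);
  return {
    scheme: u.protocol,
    host: u.hostname,
    port: u.port || DEFAULT_PORTS[u.protocol] || "",
  };
}

// Returns the origin components in which `target` differs from `page`.
function originDiff(page, target) {
  const a = originParts(page);
  const b = originParts(target);
  return ["scheme", "host", "port"].filter((k) => a[k] !== b[k]);
}

// Checks the configured public URL and every API URL the frontend tried
// against the address the browser actually loaded the page from.
function diagnose(pageUrl, publicUrl, attemptedApiUrls) {
  const attempts = attemptedApiUrls.map((url) => ({
    url,
    diff: originDiff(pageUrl, url),
  }));
  return {
    publicUrlDiff: originDiff(pageUrl, publicUrl),
    attempts,
    // Requests to these URLs are cross-origin from the page's point of view.
    crossOrigin: attempts.filter((a) => a.diff.length > 0).map((a) => a.url),
    // The public URL value that matches what the browser sees.
    suggestedPublicUrl: new URL("/", pageUrl).href,
  };
}

// Constructed sample mirroring the two console errors quoted in the thread.
const sample = diagnose(
  "https://vikunja.example.eu:8443/",
  "https://vikunja.example.eu/",
  [
    "https://vikunja.example.eu/api/v1/info",
    "https://vikunja.example.eu:3456/api/v1/info",
  ]
);
console.log(JSON.stringify(sample, null, 2));
```
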