this post was submitted on 28 Apr 2024
19 points (100.0% liked)

Selfhosted

40717 readers
402 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
 

Edit: Solution is in Nginx I disabled these: Cache Assets, Block Common Exploits, Websockets Support.

I can login using the local IP 192.168.1.2:9101, but when I route that with Nginx, It won't.

I have the GUI listen address as : 0.0.0.0:9101

I've been googling for hours but I can't find anything, In browser console it says

Failed to load resource: the server responded with a status of 403 ()
syncthing.my.domain.com/:1  Refused to execute script from 'https://syncthing.my.domain.com/meta.js' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 1 points 7 months ago (4 children)

The log doesn't mention anything regarding a login attempt

[–] [email protected] 1 points 7 months ago (3 children)

403 Forbidden doesn't necessarily mean a bad login attempt. Are you sure that's the error? My troubleshooting steps would be to access directly (no nginx), and look at the logs for a successful login. Then, look try to login with nginx, and look at those logs (both access.log and error.log on nginx, and any/all logs from syncthing). Find out where the two cases diverge and go from there.

Does syncthing have a domain name specified? If it doesn't know its domain name it may work from IP directly but not via reverse proxy. Just a hunch.

[–] [email protected] 1 points 7 months ago (2 children)

In Syncthing logs the difference between success and fail

Success

2024-04-29 00:46:58 http: POST "/rest/noauth/auth/password": status 204, 0 bytes in 62.48 ms
2024-04-29 00:46:58 http: GET "/rest/events?since=174": status 200, 240 bytes in 54538.81 ms
2024-04-29 00:46:58 http: GET "/": status 304, 0 bytes in 0.00 ms
2024-04-29 00:46:58 http: GET "/vendor/bootstrap/css/bootstrap.css": status 304, 0 bytes in 1.24 ms
2024-04-29 00:46:58 http: GET "/vendor/daterangepicker/daterangepicker.css": status 304, 0 bytes in 0.00 ms
2024-04-29 00:46:58 http: GET "/vendor/fork-awesome/css/fork-awesome.css": status 304, 0 bytes in 0.00 ms
2024-04-29 00:46:58 http: GET "/assets/font/raleway.css": status 304, 0 bytes in 0.00 ms

Fail

2024-04-29 00:44:09 http: POST "/rest/noauth/auth/password": status 403, 10 bytes in 237.16 ms
2024-04-29 00:44:09 http: GET "/modal.html": status 304, 0 bytes in 0.00 ms
2024-04-29 00:44:09 http: GET "/syncthing/core/editShareTemplate.html": status 304, 0 bytes in 0.07 ms
2024-04-29 00:44:10 http: POST "/rest/noauth/auth/password": status 204, 0 bytes in 85.43 ms
2024-04-29 00:44:11 http: GET "/": status 304, 0 bytes in 0.00 ms
2024-04-29 00:44:11 http: GET "/rest/svc/lang": status 200, 22 bytes in 0.00 ms

Does syncthing have a domain name specified I can't find an option to do so

[–] [email protected] 1 points 7 months ago (1 children)

This suggests nginx options to use re: hostname. Unsure of your nginx config...

https://forum.syncthing.net/t/web-gui-over-nginx-proxy-only/13767

[–] [email protected] 2 points 7 months ago

I managed to get it to work finally, I disabled these Cache Assets, Block Common Exploits, Websockets Support.