* test(self_check): add fixed-default bundled nginx-ui.conf fixture
* test(self_check): add unfixed-default bundled nginx-ui.conf fixture
* test(self_check): add customized and partial-fix fixtures
* feat(self_check): add error codes for bundled nginx-ui.conf upgrade
* feat(self_check): add CheckBundledNginxUIConf
* feat(self_check): add idempotent applyBundledConfPatch
* feat(self_check): add transactional patch-on-disk with backup restore
* feat(self_check): wire FixBundledNginxUIConf with verify+reload
* feat(self_check): register bundled nginx-ui.conf WS-fix task
* test(docker): add init-config bats fixtures
* feat(docker): hash-whitelist sync for bundled nginx-ui.conf
* feat(docker): seed nginx-ui.conf known-hashes list
* chore(docker): add maintainer script for nginx-ui.conf hash list
* ci(docker): add bats + hash-consistency workflow for init-config.sh
* feat(docker): ship nginx-ui.conf known-hashes inside the image
* feat(self-check): banner button shows Fix when all failures are fixable
* docs: add docker websocket fix guide (en)
* docs: add docker websocket fix guide (zh_CN, zh_TW)
* docs: link docker-websocket-fix page in all locale sidebars
* docs(readme): link docker websocket fix guide
* docs(readme): link docker websocket fix guide (translations)
* fix(self_check): WS-fix check independent of NGINX_UI_IGNORE_DOCKER_SOCKET
* fix(docker): respect bundled nginx host mode

  Keep bundled nginx-ui.conf self-checks aligned with Docker host mode and prevent config sync failures from blocking startup.

* fix(docker): tighten bundled conf review fixes

  Co-authored-by: Jacky <me@jackyu.cn>

---------

Co-authored-by: Cursor Agent <cursoragent@cursor.com>
Co-authored-by: Jacky <me@jackyu.cn>
WebSocket fix for persisted Docker installations
::: tip Applies to
You persisted /etc/nginx as a Docker volume from an Nginx UI version older than
the one that introduced this fix, and Nginx UI is fronted by another reverse proxy
that terminates TLS (host nginx, Cloudflare, Traefik, ...).
:::
Symptoms
WebSocket connections (terminal, log live tail, ...) fail with origin-mismatch errors.
This happens because the container's internal nginx was overwriting X-Forwarded-Proto
with its own $scheme (http), breaking the same-origin check on HTTPS deployments.
Automatic fix (recommended)
- Open System → Self Check.
- Locate Bundled nginx-ui.conf has WebSocket reverse-proxy fix.
- Click Attempt to fix. A timestamped .bak file is written next to the original.

::: warning If the fix fails
The original file is restored from backup automatically. The error message includes the backup path. See Manual fix below.
:::
Manual fix
::: code-group
map $http_x_forwarded_proto $forwarded_proto {
    default $http_x_forwarded_proto;
    ''      $scheme;
}
map $http_x_forwarded_host $forwarded_host {
    default $http_x_forwarded_host;
    ''      $http_host;
}
- proxy_set_header X-Forwarded-Proto $scheme;
- proxy_set_header X-Forwarded-Host $http_host;
+ proxy_set_header X-Forwarded-Proto $forwarded_proto;
+ proxy_set_header X-Forwarded-Host $forwarded_host;
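Review bot: on the two added proxy_set_header lines, the values now come from the map blocks above, whose default branch passes $http_x_forwarded_proto and $http_x_forwarded_host through unchanged, so whatever the incoming request carries in those headers is forwarded as-is. Since the same-origin check depends on them, the guide should state that the fronting proxy must set both headers itself and that the container should be reachable only through that proxy.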
:::
After saving, run docker exec <container> nginx -s reload.
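One way to check an edited copy of the file against the manual-fix snippet before reloading, as an added example (not the project's own self-check code). The `Classify` function, its four labels and the sample configs are assumptions made for this illustration.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

var comment = regexp.MustCompile(`(?m)#.*$`) // naive: ignores '#' inside quoted strings

// Classify labels a conf "fixed", "unfixed", "partial" or "customized" (this example's own labels).
func Classify(conf string) string {
	c := comment.ReplaceAllString(conf, "") // commented-out directives do not count
	has := func(end string, tokens ...string) bool {
		q := make([]string, len(tokens))
		for i, t := range tokens {
			q[i] = regexp.QuoteMeta(t)
		}
		return regexp.MustCompile(strings.Join(q, `\s+`) + `\s*` + end).MatchString(c)
	}
	old := has(";", "proxy_set_header", "X-Forwarded-Proto", "$scheme") ||
		has(";", "proxy_set_header", "X-Forwarded-Host", "$http_host")
	hdrP := has(";", "proxy_set_header", "X-Forwarded-Proto", "$forwarded_proto")
	hdrH := has(";", "proxy_set_header", "X-Forwarded-Host", "$forwarded_host")
	mapP := has(`\{`, "map", "$http_x_forwarded_proto", "$forwarded_proto")
	mapH := has(`\{`, "map", "$http_x_forwarded_host", "$forwarded_host")
	switch {
	case hdrP && hdrH && mapP && mapH && !old:
		return "fixed"
	case old && !(hdrP || hdrH || mapP || mapH):
		return "unfixed"
	case old || hdrP || hdrH || mapP || mapH:
		return "partial" // e.g. headers switched but maps missing: nginx rejects the unknown variable
	}
	return "customized"
}

// Constructed samples, not the project's fixtures.
const maps = "map $http_x_forwarded_proto $forwarded_proto { default $http_x_forwarded_proto; '' $scheme; }\n" +
	"map $http_x_forwarded_host $forwarded_host { default $http_x_forwarded_host; '' $http_host; }\n"
const unfixed = "proxy_set_header X-Forwarded-Proto $scheme;\nproxy_set_header X-Forwarded-Host $http_host;\n"
const headersOnly = "# proxy_set_header X-Forwarded-Proto $scheme;\n" +
	"proxy_set_header X-Forwarded-Proto $forwarded_proto;\nproxy_set_header X-Forwarded-Host $forwarded_host;\n"

func main() {
	for _, c := range []string{unfixed, headersOnly, maps + headersOnly} {
		fmt.Println(Classify(c))
	}
}
```

A "partial" result means the file should not be reloaded as it stands; finish the edit or restore the backup first.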
Opt-out
::: info
Set NGINX_UI_PRESERVE_BUNDLED_CONF=true on the container to disable the
startup-time auto-upgrade. The UI-driven fix remains available regardless.
:::