Gitlab_Mattermost setup unable to redirect http to https

Mattermost and Gitlab are set up in two different servers via omnibus installation. I get a “The redirect uri is not valid” error. Upon further inspection, in gitlab.rb , mattermost external uri is set to 'https://site.com" , the configuration in Gitlab admin dashboard > Admin > Application >Mattermost has https:// URLs. The setup has no mention of allowing HTTP. Redirection of HTTP to https is also enabled.

Mattermost Version: 7.0.1
Database Schema Version: 85
Database: postgres

Gitlab version 15.1

I found another topic with the same problem:

And I found an older GitHub Issue which suggests that this could be caused by a misbehaving proxy (i.e. sending the X-Forwarded-Proto header with a wrong value).

You said that you have Mattermost and Gitlab installed on two different servers using the omnibus installation. Can you describe your setup a little bit more, please? On server 1, where Mattermost is running, has this been installed using the Mattermost omnibus installation? If so, can you please share the contents of the files /etc/mattermost/mmomni.yml, /etc/mattermost/mmomni.mattermost.env and /etc/nginx/conf.d/mattermost.conf?

Make sure to remove passwords and other sensitive information from these files, please.

/etc/mattermost/mmomni.yml

db_user: mmuser
db_password: <redacted>
fqdn: mywebiste.net
email:myemail@email.com
https: false
data_directory: /var/opt/mattermost/data
enable_plugin_uploads: true
enable_local_mode: true

mmomni.mattermost.env

###################################
# Omnibus generated configuration #
###################################
MM_INSTALL_TYPE=omnibus
MM_CONFIG=postgres://mmuser:password@localhost:5432/mattermost?sslmode=disable&connect_timeout=10
MM_SQLSETTINGS_DATASOURCE=postgres://mmuser:password@localhost:5432/mattermost?sslmode=disable&connect_timeout=10
MM_SERVICESETTINGS_SITEURL=http://mywebsite.net
MM_FILESETTINGS_DIRECTORY=/var/opt/mattermost/data
MM_PLUGINSETTINGS_ENABLEUPLOADS=True
MM_SERVICESETTINGS_ENABLELOCALMODE=True

############################
# Omnibus fixed properties #
############################
MM_SERVICESETTINGS_LISTENADDRESS=":8065"
MM_SERVICESETTINGS_FORWARD80TO443=false
MM_SERVICESETTINGS_USELETSENCRYPT=false
MM_SERVICESETTINGS_CONNECTIONSECURITY=
MM_LOGSETTINGS_FILELOCATION=/var/log/mattermost

/etc/nginx/conf.d/mattermost.conf

upstream backend {
   server 127.0.0.1:8065;
   keepalive 32;
}

proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=mattermost_cache:10m max_size=3g inactive=120m use_temp_path=off;


server {
        listen 80 default_server;
      listen [::]:80 default_server;
  
    server_name chat.gurzu.net;
  
    # HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
  add_header Strict-Transport-Security max-age=15768000;

  location ~ /api/v[0-9]+/(users/)?websocket$ {
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "upgrade";
      client_max_body_size 50M;
      proxy_set_header Host $http_host;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Forwarded-Proto $scheme;
      proxy_set_header X-Frame-Options SAMEORIGIN;
      proxy_buffers 256 16k;
      proxy_buffer_size 16k;
      client_body_timeout 60;
      send_timeout 300;
      lingering_timeout 5;
      proxy_connect_timeout 90;
      proxy_send_timeout 300;
      proxy_read_timeout 90s;
      proxy_pass http://backend;
  }

  location ~ /plugins/focalboard/ws/* {
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "upgrade";
      client_max_body_size 50M;
      proxy_set_header Host $http_host;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Forwarded-Proto $scheme;
      proxy_set_header X-Frame-Options SAMEORIGIN;
      proxy_buffers 256 16k;
      proxy_buffer_size 16k;
      client_body_timeout 60;
      send_timeout 300;
      lingering_timeout 5;
      proxy_connect_timeout 90;
      proxy_send_timeout 300;
      proxy_read_timeout 90s;
      proxy_pass http://backend;
  }

  location / {
      client_max_body_size 50M;
      proxy_set_header Connection "";
      proxy_set_header Host $http_host;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Forwarded-Proto $scheme;
      proxy_set_header X-Frame-Options SAMEORIGIN;
      proxy_buffers 256 16k;
      proxy_buffer_size 16k;
      proxy_read_timeout 600s;
      proxy_cache mattermost_cache;
      proxy_cache_revalidate on;
      proxy_cache_min_uses 2;
      proxy_cache_use_stale timeout;
      proxy_cache_lock on;
      proxy_http_version 1.1;
      proxy_pass http://backend;
  }
}

Yes, both are on different servers. Both were installed using omnibus. i.e Mattermost omnibus and Gitlab Omnibus.

I edited your post for better formatting and removed your password, JFYI.

Can you please try to change the following line in mmomni.mattermost.env to also point to https?

MM_SERVICESETTINGS_SITEURL=http://mywebsite.net

Then run the command mmomni reconfigure, restart the mattermost service (systemctl restart mattermost) and try again, please.

I did that. Still got the same error. URI is invalid.