Oauth not valid behind reverse proxy

Troubleshooting
1

Hello everyone,

I am using gitlab and mattermost behind reverse proxy on same domain and same server (as I use omnibus installation).

When I try to make the link between mattermost and gitlab by creating a team on the mattermost startup screen, I am redirected to Gitlab to validate the application but I have this error : The redirect URI included is not valid.

When I check the url, I can see that there is http instead of https : https://git.domain.com/oauth/authorize?response_type=code&client_id=xxxxxx&redirect_uri=http%3A%2F%2Fmat.domain.com%2Fsignup%2Fgitlab%2Fcomplete&state=yyyyyyyyy

How can I change http to https in the redirect_uri parameter ? When I change it manually, Gitlab seems to detect mattermost.

Here is my gitlab.rb : external_url ‘https://git.domain.com’

…
nginx[‘listen_port’] = 80
nginx[‘listen_https’] = false
…
mattermost_external_url ‘https://mat.domain.com’
mattermost_nginx[‘listen_port’] = 80
mattermost_nginx[‘listen_https’] = false

Thank you in advance for your help

1 Like
2

Having the same issue here, do you have any update @kyryus?

3

Salut/Hello @pierreozoux,

I manage to make it work by adding :

nginx['proxy_set_headers'] = {
  "Host" => "$http_host",
  "X-Real-IP" => "$remote_addr",
  "X-Forwarded-For" => "$proxy_add_x_forwarded_for",
  "X-Forwarded-Proto" => "https",
  "X-Forwarded-Ssl" => "on"
}

and also this I think :

mattermost_nginx[‘proxy_set_headers’] = {
“Host” => “$http_host”,
“X-Real-IP” => “$remote_addr”,
“X-Forwarded-For” => “$proxy_add_x_forwarded_for”,
“X-Forwarded-Proto” => “https”,
“X-Forwarded-Ssl” => “on”
}

In my gitlab.rb

I am not really sure because I got it work but I did not liked Mattermost, I move to RocketChat.
I thought that Mattermost would be integrated inside GITLAB but it is not like this.

Hope that it helped you,

Bye

4

Thanks a lot @kyryus I managed thanks to your help!

Here is my setup for people interested: https://github.com/pierreozoux/mattermost-docker