Hello,
Thanks for your work on gotify, I was looking for an alternative to FCM for my android device (which has not google play services) and it seems to be a good one :)
I installed the server and tested to connect from the android application, it works fine :
- directly to http port of gotify
- directly to https port of gotify
- through nginx proxy on http port of gotify
Sadly, I did not manage to make it work through nginx reverse proxy with https. I got the following error from android application :
Request to 'https://notif.mydomain.com/version' failed with status code 0
Indeed, I use nginx to serve all my web services securely via https and I would like to do the same for gotify to avoid to open a specific port for gotify over internet.
The problem is I don't understand why it does not work and I hope you could help me.
Here is my gotify config :
server:
port: 3080 # the port for the http server
ssl:
enabled: true # if https should be enabled
redirecttohttps: false # redirect to https if site is accessed by http
port: 3443 # the https port
certfile: /tmp/fullchain.pem # the cert file (leave empty when using letsencrypt)
certkey: /tmp/privkey.pem # the cert key (leave empty when using letsencrypt)
letsencrypt:
enabled: false # if the certificate should be requested from letsencrypt
accepttos: false # if you accept the tos from letsencrypt
cache: data/certs # the directory of the cache from letsencrypt
hosts: # the hosts for which letsencrypt should request certificates
- mydomain.com
database: # for database see (configure database section)
dialect: sqlite3
connection: data/gotify.db
defaultuser: # on database creation, gotify creates an admin user
name: admin # the username of the default user
pass: admin # the password of the default user
passstrength: 10 # the bcrypt password strength (higher = better but also slower)
uploadedimagesdir: data/images # the directory for storing uploaded images
Here is my nginx config :
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name notification.mydomain.com notifications.mydomain.com notif.mydomain.com notifs.mydomain.com;
access_log /var/log/nginx/notification.access.log;
error_log /var/log/nginx/notification.error.log notice;
ssl_certificate /etc/letsencrypt/live/notification.mydomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/notification.mydomain.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/notification.mydomain.com/chain.pem;
location / {
proxy_pass http://127.0.0.1:3080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Upgrade websocket;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 150;
proxy_send_timeout 100;
proxy_read_timeout 100;
client_max_body_size 8m;
client_body_buffer_size 128k;
proxy_redirect http://127.0.0.1:3080 http://$host;
}
}
At first glance, the access to gotify through this nginx vhost works like directly :
# through nginx with HTTP (works with android app) :
curl -i http://notification.mydomain.com/version
HTTP/1.1 200 OK
Server: nginx/1.14.0
Date: Mon, 12 Nov 2018 11:01:56 GMT
Content-Type: application/json
Content-Length: 105
Connection: keep-alive
{"version":"1.1.8","commit":"29e0857365dc6004ff91fdee568f5b478222cd5f","buildDate":"2018-11-06-21:27:31"}
# directly to gotify with HTTPS (works with android app) :
curl -i https://notification.mydomain.com:3443/version
HTTP/2 200
content-type: application/json
content-length: 105
date: Mon, 12 Nov 2018 11:03:01 GMT
{"version":"1.1.8","commit":"29e0857365dc6004ff91fdee568f5b478222cd5f","buildDate":"2018-11-06-21:27:31"}
# through nginx with HTTPS (does not work on android app)
curl -i https://notification.mydomain.com/version
HTTP/2 200
server: nginx/1.14.0
date: Mon, 12 Nov 2018 11:04:21 GMT
content-type: application/json
content-length: 105
{"version":"1.1.8","commit":"29e0857365dc6004ff91fdee568f5b478222cd5f","buildDate":"2018-11-06-21:27:31"}
As you can see, the answer is the same in all cases but it does not work for the last one.
Do you have any idea ?
Thanks