Hi everyone,
I would like to make a freshly installed DHIS2 instance listen to a non-default HTTP/HTTPS port, using the nginx reverse proxy.
Did anybody ever do this ?
In my example, I’d like to make it listen to port 9443.
This is my nginx.conf
# HTTPS server
server {
listen 9443 ssl;
client_max_body_size 10M;
ssl_certificate cert.crt;
ssl_certificate_key cert.key;
ssl_dhparam /etc/nginx/dhparam2048.pem;
ssl_session_cache shared:SSL:20m;
ssl_session_timeout 10m;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers EECDH+AESGCM:EDH+AESGCM;
ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security 'max-age=31536000';
add_header Cache-Control no-cache;
# Proxy pass to servlet container
location / {
proxy_pass http://localhost:8080/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_buffer_size 128k;
proxy_buffers 8 128k;
proxy_busy_buffers_size 256k;
proxy_cookie_path ~*^/(.*) "/$1; SameSite=Lax";
}
}
}
This is part of my server.xml conf
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<Connector scheme="https" proxyPort="9443" />
When I connect to https://myhost:9443/, I get redirected to https://myhost/dhis-web-commons/security/login.action, so the 9443 gets lost in between.
Thank you for your advice!