Mixed content and WSS error after add taiga in my nginx reverse proxy

Troubleshooting
2

Hi @tartrib

There is an example at the end of the Taiga 30min setup guide

First of all, you have to apply some changes in your .env file to use https and wss instead of http and ws:

TAIGA_SCHEME=https
TAIGA_DOMAIN=my_alias_taiga.domain.local
SUBPATH=""
WEBSOCKETS_SCHEME=wss

If you have directly modified the docker-compose.yml file you have to apply the necessary changes so that the different pieces use the secured external url (https://my_alias_taiga.domain.local and wss://my_alias_taiga.domain.local) for TAIGA_SITES_SCHEME and TAIGA_SITE_DOMAIN in x-environments and for TAIGA_URL and TAIGA_WEBSOCKETS_URL in the taiga-front service.

And now you have to configure your nginx with something like this.

server {
      listen 80;
      server_name my_alias_taiga.domain.local;
      rewrite ^(.*) https://my_alias_taiga.domain.local$1 permanent;
}

server {
      listen 443 ssl;
      server_name my_alias_taiga.domain.local;
      
      location / {
          proxy_set_header Host $http_host;
          proxy_set_header X-Real-IP $remote_addr;
          proxy_set_header X-Scheme $scheme;
          proxy_set_header X-Forwarded-Proto $scheme;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_redirect off;
          proxy_pass http://localhost:9000/;
      }
      
      # Events
      location /events {
          proxy_pass http://localhost:9000/events;
          proxy_http_version 1.1;
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection "upgrade";
          proxy_set_header Host $host;
          proxy_connect_timeout 7d;
          proxy_send_timeout 7d;
          proxy_read_timeout 7d;
      }
  
      # TLS: Configure your TLS following the best practices inside your company
      ssl_certificate /etc/letsencrypt/live/my_alias_taiga.domain.local/fullchain.pem;
      ssl_certificate_key /etc/letsencrypt/live/my_alias_taiga.domain.local/privkey.pem;
      include /etc/letsencrypt/options-ssl-nginx.conf;
      ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
      
      # Logs and other configurations
      error_log  /var/log/nginx/mytaiga.domain.local-error.log warn;
      access_log  /var/log/nginx/mytaiga.domain.local-access.log  main;
  }

I use http://localhost:9000/ because is the port using by the default setup. Use the port 80 for the taiga service (docker) and for the local nginx does not seem a good idea.

I hope this can help.

Best regards