Update documents for Gitea behind reverse proxy. Fix some small bugs (some URLs are generated without sub-path) (#17320)

* Apache `ProxyPassReverse` only works for Location, Content-Location and URI headers on HTTP redirect responses, it causes more problems than it resolves. Now all URLs generated by Gitee have the correct prefix AppSubURL. We do not need to set `ProxyPassReverse`. * fix url param * use AppSubURL instead of AppURL in api/v1 Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-10-16 11:34:07 +08:00 · 2021-10-16 11:34:07 +08:00 · e18ea9e349
parent 55885297f4
commit e18ea9e349
5 changed files with 22 additions and 20 deletions
--- a/docs/content/doc/usage/reverse-proxies.en-us.md
+++ b/docs/content/doc/usage/reverse-proxies.en-us.md
@ -43,13 +43,15 @@ server {
    listen 80;
    server_name git.example.com;

-    location /git/ { # Note: Trailing slash
-        proxy_pass http://localhost:3000/; # Note: Trailing slash
+    # Note: Trailing slash
+    location /git/ { 
+        # Note: Trailing slash
+        proxy_pass http://localhost:3000/;
    }
 }
 ```

-Then set `[server] ROOT_URL = http://git.example.com/git/` in your configuration.
+Then you **MUST** set something like `[server] ROOT_URL = http://git.example.com/git/` correctly in your configuration.

 ## Nginx and serve static resources directly

@ -139,11 +141,10 @@ If you want Apache HTTPD to serve your Gitea instance, you can add the following
    ProxyRequests off
    AllowEncodedSlashes NoDecode
    ProxyPass / http://localhost:3000/ nocanon
-    ProxyPassReverse / http://localhost:3000/
 </VirtualHost>
 ```

-Note: The following Apache HTTPD mods must be enabled: `proxy`, `proxy_http`
+Note: The following Apache HTTPD mods must be enabled: `proxy`, `proxy_http`.

 If you wish to use Let's Encrypt with webroot validation, add the line `ProxyPass /.well-known !` before `ProxyPass` to disable proxying these requests to Gitea.

@ -161,13 +162,12 @@ In case you already have a site, and you want Gitea to share the domain name, yo
    AllowEncodedSlashes NoDecode
    # Note: no trailing slash after either /git or port
    ProxyPass /git http://localhost:3000 nocanon
-    ProxyPassReverse /git http://localhost:3000
 </VirtualHost>
 ```

-Then set `[server] ROOT_URL = http://git.example.com/git/` in your configuration.
+Then you **MUST** set something like `[server] ROOT_URL = http://git.example.com/git/` correctly in your configuration.

-Note: The following Apache HTTPD mods must be enabled: `proxy`, `proxy_http`
+Note: The following Apache HTTPD mods must be enabled: `proxy`, `proxy_http`.

 ## Caddy

--- a/docs/content/doc/usage/reverse-proxies.zh-cn.md
+++ b/docs/content/doc/usage/reverse-proxies.zh-cn.md
@ -37,13 +37,15 @@ server {
    listen 80;
    server_name git.example.com;

-    location /git/ { # Note: Trailing slash
-        proxy_pass http://localhost:3000/; # Note: Trailing slash
+    # 注意: /git/ 最后需要有一个路径符号
+    location /git/ { 
+        # 注意: 反向代理后端 URL 的最后需要有一个路径符号
+        proxy_pass http://localhost:3000/;
    }
 }
 ```

-然后在您的 Gitea 配置文件中添加 `[server] ROOT_URL = http://git.example.com/git/`。
+然后您**必须**在 Gitea 的配置文件中正确的添加类似 `[server] ROOT_URL = http://git.example.com/git/` 的配置项。

 ## 使用 Apache HTTPD 作为反向代理服务

@ -56,7 +58,6 @@ server {
    ProxyRequests off
    AllowEncodedSlashes NoDecode
    ProxyPass / http://localhost:3000/ nocanon
-    ProxyPassReverse / http://localhost:3000/
 </VirtualHost>
 ```

@ -74,13 +75,12 @@ server {
         Allow from all
    </Proxy>
    AllowEncodedSlashes NoDecode
-    # Note: no trailing slash after either /git or port
+    # 注意: 路径和 URL 后面都不要写路径符号 '/'
    ProxyPass /git http://localhost:3000 nocanon
-    ProxyPassReverse /git http://localhost:3000
 </VirtualHost>
 ```

-然后在您的 Gitea 配置文件中添加 `[server] ROOT_URL = http://git.example.com/git/`。
+然后您**必须**在 Gitea 的配置文件中正确的添加类似 `[server] ROOT_URL = http://git.example.com/git/` 的配置项。

 注：必须启用以下 Apache HTTPD 组件：`proxy`， `proxy_http`

@ -100,8 +100,9 @@ git.example.com {

 ```
 git.example.com {
-    proxy /git/ http://localhost:3000 # Note: Trailing Slash after /git/
+    # 注意: 路径 /git/ 最后需要有路径符号
+    proxy /git/ http://localhost:3000
 }
 ```

-然后在您的 Gitea 配置文件中添加 `[server] ROOT_URL = http://git.example.com/git/`。
+然后您**必须**在 Gitea 的配置文件中正确的添加类似 `[server] ROOT_URL = http://git.example.com/git/` 的配置项。
--- a/routers/api/v1/api.go
+++ b/routers/api/v1/api.go
@ -576,7 +576,7 @@ func Routes(sessioner func(http.Handler) http.Handler) *web.Route {
 		// Miscellaneous
 		if setting.API.EnableSwagger {
 			m.Get("/swagger", func(ctx *context.APIContext) {
-				ctx.Redirect("/api/swagger")
+				ctx.Redirect(setting.AppSubURL + "/api/swagger")
 			})
 		}
 		m.Get("/version", misc.Version)
--- a/routers/api/v1/org/member.go
+++ b/routers/api/v1/org/member.go
@ -159,7 +159,7 @@ func IsMember(ctx *context.APIContext) {
 		}
 	}

-	redirectURL := setting.AppURL + "api/v1/orgs/" + ctx.Org.Organization.Name + "/public_members/" + userToCheck.Name
+	redirectURL := setting.AppSubURL + "/api/v1/orgs/" + ctx.Org.Organization.Name + "/public_members/" + userToCheck.Name
 	ctx.Redirect(redirectURL, 302)
 }

--- a/routers/web/user/notification.go
+++ b/routers/web/user/notification.go
@ -8,6 +8,7 @@ import (
 	"errors"
 	"fmt"
 	"net/http"
+	"net/url"
 	"strings"

 	"code.gitea.io/gitea/models"
@ -86,7 +87,7 @@ func getNotifications(c *context.Context) {
 	// redirect to last page if request page is more than total pages
 	pager := context.NewPagination(int(total), perPage, page, 5)
 	if pager.Paginater.Current() < page {
-		c.Redirect(fmt.Sprintf("/notifications?q=%s&page=%d", c.FormString("q"), pager.Paginater.Current()))
+		c.Redirect(fmt.Sprintf("%s/notifications?q=%s&page=%d", setting.AppSubURL, url.QueryEscape(c.FormString("q")), pager.Paginater.Current()))
 		return
 	}