Hi guys.
We are having a problem with the docker tomcat xwiki image with an upstream nginx SSL reverse proxy handling the encryption. Everything appears to work well, except when attempting to upload a file of any size or type. The UI pops up a red box with “An error occurred while uploading $FILE_NAME” However, upon refresh of the page, the file was uploaded successfully. Similar behavior occurs when attempting to delete attachments. “Failed to delete attachment:” This time no $FILE_NAME.
I have seen talk of this type of error being caused by misconfigured nginx proxy configs and the tomcat config inside the container. Here is our ngnix config:
server {
listen 80;
return 301 https://$host$request_uri;
}
server {
listen 443;
server_name dom.domain.com;
error_page 403 =404;
ssl_certificate /etc/pki/tls/prox.cer;
ssl_certificate_key /etc/pki/tls/prox_combined.key;
ssl on;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/kb.access.log;
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Scheme $scheme;
proxy_redirect off;
proxy_pass http://dock.domain.com:8080;
proxy_read_timeout 90;
proxy_send_timeout 90;
client_max_body_size 2048m;
}
}
As suggested in the official docs for nginx reverse proxy, we add the following to the server.xml inside the docker container:
<Engine name="Catalina" defaultHost="localhost">
<Valve className="org.apache.catalina.valves.RemoteIpValve"
internalProxies="127\.0\.[0-1]\.1"
remoteIpHeader="x-forwarded-for"
requestAttributesEnabled="true"
protocolHeader="x-forwarded-proto"
protocolHeaderHttpsValue="https"/>
Any pointers would be much appreciated.