configure reverse proxy header for proper TLS

2025-03-28 10:50:07 +01:00 · 2025-03-28 10:50:07 +01:00 · 05742d9f1c
commit 05742d9f1c
parent ddd1cd70ad
2 changed files with 8 additions and 1 deletions
--- a/docker/Caddyfile
+++ b/docker/Caddyfile
@ -42,7 +42,10 @@

 	# Proxy all other requests to Gunicorn
 	handle {
-		reverse_proxy unix//app/run/gunicorn.sock
+		reverse_proxy unix//app/run/gunicorn.sock {
+			header_up X-Forwarded-Proto https
+			header_up X-Forwarded-Host {host}
+		}
 	}

 	# Basic compression for better performance
--- a/hub/settings.py
+++ b/hub/settings.py
@ -55,6 +55,10 @@ CSRF_TRUSTED_ORIGINS = [f"https://{h}" for h in HTTPS_HOSTS] + [
 # Primary website URL
 WEBSITE_URL = env.str("WEBSITE_URL", default="https://servala.com")

+SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
+USE_X_FORWARDED_HOST = True
+USE_X_FORWARDED_PORT = True
+
 # Application definition

 INSTALLED_APPS = [