issues with login aswell as unable to use https
-
So what setup are you trying to accomplish? Are you using a reverse proxy like nginx?
-
no, no nginx or anything like that installed, just simply went with what I saw on the doc page through putty. I already had npm installed for node.js, so I installed redis and ImageMagic (https://docs.nodebb.org/installing/os/centos/) and then just followed the docs and that was it. I'm trying to accomplish as simple and straightforward as possible setup.
-
You have ports and stuff set up weirdly, what are you trying to do there?
- To tell nodebb what port to use, set
"port": 80
in config.json - The value of the URL field should be exactly what your browser shows when you access the site, including the protocol
- To tell nodebb what port to use, set
-
still getting expired session every time when logging in, and still unable to use https:// because of Error 523 on cloudflare. added the "port": 80, to the config, removed the :80 from the url and did ./nodebb restart
-
What is your cloudflare setup? Is it set up to add SSL/TLS to your site?
-
currently the ssl mode is set to Full, Minimum TLS Version is TLS 1.2, Automatic HTTPS Rewrites is set to On, Onion Routing is On, Opportunistic Encryption is On, and Authenticated Origin Pulls is On. also TLS 1.3 is set to Enable+0RTT
-
tried disabling the proxy seting under dns on cloudflare and I'm able to login, but I'd rather not have things unproxied.
I also still can't use https:// even when set to unproxied.
-
I recommend you set up nginx as a reverse proxy with Let'sEncrypt for your TLS certificate, which is safer than using CF SSL protection.
Once you get that working you can experiment with different cloudflare options, since that seems to be your problem.
-
is there a way to use letsencrypt without nginx?
-
@VaasKahnGrim you can use a different reverse proxy but I don't believe NodeBB supports https.
-
is there a way to do it without needing a reverse proxy or any additional software besides NPM? Was hoping I could keep things as minimal as possible
-
There's no way to expose HTTPS without a reverse proxy. This was a conscious decision to keep a separation of concerns, reduce development overhead, because reverse proxies have better support, and because anyone running multiple instances will need one for load balancing anyways.
Nginx is quite easy to set up, and LetsEncrypt has very good support for it.