Does it exist for nodebb? - Forum member upgrades {PayPal, BTC}

General Discussion

Suggested Topics

  • 0 Votes
    1 Posts


    I am trying to setup nodebb with haproxy instead of nginx as frontend. Everything seam to be working however I am getting lots of 403 on / requests.

    frontend http-in mode http bind redirect scheme https code 301 if !{ ssl_fc } frontend https-in bind ssl crt /etc/letsencrypt/live/test/test.pem http-response set-header strict-transport-security "max-age=31536000; includeSubDomains" http-response set-header Content-Security-Policy "default-src 'self' wss: https: **; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https:; img-src 'self' data:; font-src 'self' https:" http-response set-header X-XSS-Protection "1; mode=block" http-response set-header X-Content-Type-Options "nosniff" http-response set-header Referrer-Policy "no-referrer" reqadd X-Forwarded-Proto:\ https acl is_websocket hdr(Upgrade) -i WebSocket acl is_websocket path_sub -i / use_backend bk_ws if is_websocket acl acl_comments path_beg -i /comments use_backend comments if acl_comments backend comments mode http balance leastconn timeout connect 1s timeout server 600s timeout queue 600s option redispatch retries 3 acl is_woff capture.req.uri -m sub .woff acl is_ttf capture.req.uri -m sub .ttf acl is_eot capture.req.uri -m sub .eot http-response set-header Cache-Control public if is_eot or is_woff or is_ttf http-response set-header Expires -1 if is_eot or is_woff or is_ttf http-response set-header Pragma cache if is_eot or is_woff or is_ttf cookie nodebb insert indirect nocache secure server node1 cookie nodebb_node1 check inter 1000 fastinter 500 rise 2 fall 1 server node2 cookie nodebb_node2 check inter 1000 fastinter 500 rise 2 fall 1 backend bk_ws option redispatch balance roundrobin option forwardfor option httpclose server node1 maxconn 30000 weight 10 cookie ws_node1 check server node2 maxconn 30000 weight 10 cookie ws_node2 check```

    I have tried to connect directly without haproxy and the websockets are connecting correctly. However I've seen that using the haproxy the websocket protocol changed from wss to https.

    Any suggestions on how to fix this?

  • 0 Votes
    5 Posts

    @pichalite will do. Thanks.

  • 0 Votes
    18 Posts

    No problem - glad I was able to help you locate the problem.

    As long as your SSL certificate is still in place and the iRedMail functionality is all working, I don't think there should be an impact on the security of your system.

  • 0 Votes
    3 Posts


    Thanks for the tip. It seems to have converted the config to a different format (ie: instead of base_url it now uses url) and it's working. Seems odd that everything would fail all of a sudden without any changes.

    @psychobunny @julian

    Is there some kind of automatic update in v0.5 that is outside of normal nodebb operation?

  • NodeBB Demo Admin?

    General Discussion
    0 Votes
    24 Posts

    This community is really nice and supportive. How does one obtain "referrals' or whatever so you can post on other threads without waiting a long loads of time.