Unable to install Ghost on Nginx

• What version of Ghost are you using?
  Latest
• What configuration?
  Nginx SSL
• What browser?
  Firefox
• What errors or information do you see in the console?
  Infinite redirect loop

Hello at all,

I’m trying to install Ghost for the past 6 hours but I’m in a lot of troubles. I want to use Nginx as reverse proxy. I configured Nginx to use 443 and to proxy pass to Ghost. Now starts the pain :

on Firefox, I have an infinite 301 redirect loop. On certain pages, not all of them. Mostly on the homepage.
I then realized that Chrome was working fine for some time. Until it failed the same way
I have tried to clear cache, history, restart browser. The results are not consistent at all.
So now I’m ending up at testing with wget --no-cache.

But now, everything is working except the homepage and I really don’t know why…

I don’t need SSL between nginx and ghost so I did not “ghost setup ssl”. I already have a valid certificate for nginx.

I must say that I have quite a lot of experience on Nginx and that I have been working with proxy pass many times. I have never got this result. I wonder who is doing the double redirection that fails on the homepage.

I am just getting crazy, any help would be appreciated
thanks a lot

I have never worked on Express. But I noticed that on Ghost, paths must be terminated with /.
For example /ghost : if the final / is not there, there will be a 301 redirect to /ghost/

I have compared with another setup I did with Nginx + SSL + Proxy pass and there is not the same behavior.

I wonder if this is related to my homepage issue

Hey @ademain

Here are some troubleshooting steps that might steer you in the right direction:

1. If you’re using https, your Ghost URL must be set to https://.... If you make a change, make sure you restart ghost!

2. Ensure you’re passing the X-Forwarded-Proto header from nginx to ghost

3. If you have CloudFlare in front of your site, make sure you have SSL set to strict or full - setting it to flexible will cause issues with a site upgrading HTTP requests

Hope this helps

Thanks @vikaspotluri123,

I have done A LOT of testing of different settings. To answer your points :
1/ My ghost url starts with https://
2/ I’m passing the right headers. I have check the ghost-cli Nginx template
3/ I’m not using Cloudflare.

My Nginx setting is the following:

server {
  server_name mydomain.net;
  listen 443 ssl http2;
  listen [::]:443 ssl http2;
  
  #HTTP_TO_HTTPS_END
  ssl_certificate    /www/server/panel/vhost/cert/mydomain.net/fullchain.pem;
  ssl_certificate_key    /www/server/panel/vhost/cert/mydomain.net/privkey.pem;
  ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
  ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
  ssl_prefer_server_ciphers on;
  ssl_session_cache shared:SSL:10m;
  ssl_session_timeout 10m;
  add_header Strict-Transport-Security "max-age=31536000";
  error_page 497  https://$host$request_uri;
  
#PROXY-START/

location /
{
	
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto https;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-Host $host;
    proxy_pass http://127.0.0.1:2368/;
    resolver 1.1.1.1 8.8.8.8;
    proxy_redirect off;  # I tried with and without this setting

location ~ /.well-known {
    allow all;
}


#PROXY-END/  
  location ~ ^/(\.user.ini|\.htaccess|\.git|\.svn|\.project|LICENSE|README.md)
  {
      return 404;
  }
  
  
  access_log  /www/wwwlogs/mydomain.net.log;
  error_log  /www/wwwlogs/mydomain.net.error.log;  
}

Thanks

I found a temporary solution : when editing the content/settings/routes.yaml file and changing the default / route to /home/, everything works now. So the problem is really with the homepage. But this fix is not enough as the / URL is still broken

ERRATUM : not working.

I did a redirect from / to /home/ => that works
The page /author/axel works
The posts URLs work
The page /ghos returns a proper 404 (normal)

But the page /ghost/ does the infinite loop.

EDIT : the loop occurs on Firefox, not on Chrome. I’m getting really lost …

For some reason, it works fine when I enable the proxy cache. But I can’t enable it for all page (because of the ghost BO). So disabling the cache for /ghost/ leads to a infinite loop.

Can you confirm your Ghost version?

With your caching strategy, that’s really weird, the rule of thumb is the admin panel should never be cached (e.g. /ghost/*) since most 1-click caching solutions don’t work well with them.

Can you try using curl locally to see how ghost is behaving?

e.g. curl -I http://127.0.0.1:2368/ghost/ -H "Host: mydomain.com" -H "X-Forwarded-Proto: https"

If that’s working, then you know that everything in Ghost is set up properly so you can move to debugging nginx

My Ghost version is 3.39.2.

Actually, my blog is working fine on Chrome now, all pages fine.
But not on Firefox. Many page are still redirecting. It really weird. I tried in private mode, I tried from safe mode, I tried to clear the cache…

The result of your command:

HTTP/1.1 200 OK
X-Powered-By: Express
Cache-Control: no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
X-Frame-Options: sameorigin
Accept-Ranges: bytes
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
ETag: W/"db8-7438674ba0"
Content-Type: text/html; charset=UTF-8
Content-Length: 3512
Vary: Accept-Encoding
Date: Tue, 08 Dec 2020 16:35:14 GMT
Connection: keep-alive
Keep-Alive: timeout=5

Thanks

I just called a friend. Same issue: it works with Chrome and Safari but not with Firefox …

Hello

For information, this is SOLVED. I was using aaPanel with Nginx module. It seems aaPanel doesn’t do it right despite my numerous tries to change the nginx config.
I removed aaPanel, reinstalled Nginx manually and reinstalled the blog. Working now. Thanks for your help.