From 6e8729bb58a8bd2972559cdae2d611473a2e772b Mon Sep 17 00:00:00 2001
From: MaxJa4 <74194322+MaxJa4@users.noreply.github.com>
Date: Fri, 28 Jan 2022 17:44:52 +0100
Subject: [PATCH 1/4] Added example configs and header information
Added example configs for plain local nginx and Apache2.
Also added FAQ section for all generic issues when not setting all required headers correctly.
Added section for required headers in the Docker installation docs.
---
docs/faq.md | 11 ++++
docs/install/docker.md | 123 ++++++++++++++++++++++++++++++++++++++++-
2 files changed, 133 insertions(+), 1 deletion(-)
diff --git a/docs/faq.md b/docs/faq.md
index a9b0bdc5..aeb12580 100644
--- a/docs/faq.md
+++ b/docs/faq.md
@@ -18,6 +18,17 @@ Open Tandoor, open the menu behind the three vertical dots at the top right, sel
#### Microsoft Edge
Open Tandoor, open the menu behind the three horizontal dots at the top right, select `Apps > Install Tandoor Recipes`
+## Why is Tandoor not working correctly?
+If you just set up your Tandoor instance and you're having issues like...
+
+- Links not working
+- CSRF errors
+- CORS errors
+- No recipes are loading
+
+... then make sure, that you have set [all required headers](install/docker.md#required-headers) in your reverse proxy correctly.
+If that doesn't fix it, you can also refer to the appropriate sub section in the [reverse proxy documentation](install/docker.md#reverse-proxy) and verify your general webserver configuration.
+
## Why am I getting CSRF Errors?
If you are getting CSRF Errors this is most likely due to a reverse proxy not passing the correct headers.
diff --git a/docs/install/docker.md b/docs/install/docker.md
index 553939f2..da7a938a 100644
--- a/docs/install/docker.md
+++ b/docs/install/docker.md
@@ -102,7 +102,7 @@ wget https://raw.githubusercontent.com/vabene1111/recipes/develop/docs/install/d
!!!note
Don't forget to [download and configure](#docker-compose) your ```.env``` file!
-#### **nginx-proxy**
+#### **jwilder's Nginx-proxy**
This is a docker compose example using [jwilder's nginx reverse proxy](https://github.com/jwilder/docker-gen)
in combination with [jrcs's letsencrypt companion](https://hub.docker.com/r/jrcs/letsencrypt-nginx-proxy-companion/).
@@ -152,6 +152,102 @@ Please refer to the [appropriate documentation](https://github.com/linuxserver/d
For step-by-step instructions to set this up from scratch, see [this example](swag.md).
+#### **Pure Nginx**
+
+If you have Nginx installed locally on your host system without using any third party integration like Swag or similar, this is for you.
+
+You can use the Docker-Compose file from [Plain](#plain).
+!!!warning "Adjust Docker-Compose file"
+ Replace `80:80` with `PORT:80` with PORT being your desired outward-facing port.
+ In the nginx config example below, 8080 is used.
+
+An example configuration with LetsEncrypt to get you started can be seen below.
+Please note, that since every setup is different, you might need to adjust some things.
+
+!!!warning "Placeholders"
+ Don't forget to replace the domain and port.
+
+```nginx
+server {
+ if ($host = recipes.mydomain.tld) { # replace domain
+ return 301 https://$host$request_uri;
+ }
+
+ server_name recipes.mydomain.tld; # replace domain
+ listen 80;
+ return 404;
+}
+server {
+ server_name recipes.mydomain.tld; # replace domain
+ listen 443 ssl;
+
+ ssl_certificate /etc/letsencrypt/live/recipes.mydomain.tld/fullchain.pem; # replace domain
+ ssl_certificate_key /etc/letsencrypt/live/recipes.mydomain.tld/privkey.pem; # replace domain
+ include /etc/letsencrypt/options-ssl-nginx.conf;
+ ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
+
+ location / {
+ proxy_set_header Host $http_host; # try $host instead if this doesn't work
+ proxy_set_header X-Forwarded-Proto $scheme;
+ proxy_pass http://127.0.0.1:8080; # replace port
+ proxy_redirect http://127.0.0.1:8080 https://recipes.domain.tld; # replace port and domain
+ }
+}
+```
+
+!!!note
+ Don't forget to [download and configure](#docker-compose) your ```.env``` file!
+
+#### **Apache**
+
+You can use the Docker-Compose file from [Plain](#plain).
+!!!warning "Adjust Docker-Compose file"
+ Replace `80:80` with `PORT:80` with PORT being your desired outward-facing port.
+ In the Apache config example below, 8080 is used.
+
+If you use e.g. LetsEncrypt for SSL encryption, you can use the example configuration from [solaris7590](https://github.com/TandoorRecipes/recipes/issues/1312#issuecomment-1020034375) below.
+
+!!!warning "Placeholders"
+ Don't forget to replace the domain and port.
+
+```apache
+
+
+ ServerAdmin webmaster@mydomain.de # replace domain
+ ServerName mydomain.de # replace domain
+
+ Redirect permanent / https://mydomain.de/ # replace domain
+
+
+
+ ServerAdmin webmaster@mydomain.de # replace domain
+ ServerName mydomain.de # replace domain
+
+ SSLEngine on
+
+ RequestHeader set X-Forwarded-Proto "https"
+ Header always set Access-Control-Allow-Origin "*"
+
+ ProxyPreserveHost On
+ ProxyRequests Off
+ ProxyPass / http://localhost:8080/ # replace port
+ ProxyPassReverse / http://localhost:8080/ # replace port
+
+ SSLCertificateFile /etc/letsencrypt/live/mydomain.de/fullchain.pem # replace domain/path
+ SSLCertificateKeyFile /etc/letsencrypt/live/mydomain.de/privkey.pem # replace domain/path
+ Include /etc/letsencrypt/options-ssl-apache.conf
+
+ ErrorLog ${APACHE_LOG_DIR}/recipes_error.log
+ CustomLog ${APACHE_LOG_DIR}/recipes_access.log combined
+
+
+```
+
+If you're having issues with the example configuration above, you can try [beedaddy](https://github.com/TandoorRecipes/recipes/issues/1312#issuecomment-1015252663)'s example config.
+
+!!!note
+ Don't forget to [download and configure](#docker-compose) your ```.env``` file!
+
#### **Others**
If you use none of the above mentioned reverse proxies or want to use an existing one on your host machine (like a local nginx or Caddy), simply use the [Plain](#plain) setup above and change the outbound port to one of your liking.
@@ -213,3 +309,28 @@ configuration files for all user generated data (e.g. Postgresql and media files
You can move everything to volumes if you prefer it this way, **but you cannot convert the nginx config file to a bind
mount.**
If you do so you will have to manually create the nginx config file and restart the container once after creating it.
+
+### **Required Headers**
+
+Please be sure to supply all required headers in your nginx/Apache/Caddy/... configuration!
+
+nginx:
+```nginx
+location / {
+ proxy_set_header Host $http_host; # try $host instead if this doesn't work
+ proxy_set_header X-Forwarded-Proto $scheme;
+ proxy_pass http://127.0.0.1:8080; # replace port
+ proxy_redirect http://127.0.0.1:8080 https://recipes.domain.tld; # replace port and domain
+}
+```
+
+Apache:
+```apache
+RequestHeader set X-Forwarded-Proto "https"
+Header always set Access-Control-Allow-Origin "*"
+
+ProxyPreserveHost On
+ProxyRequests Off
+ProxyPass / http://localhost:8080/ # replace port
+ProxyPassReverse / http://localhost:8080/ # replace port
+```
\ No newline at end of file
From 76dac29f1c4fbdd5cbf659f9ca9093978aff585f Mon Sep 17 00:00:00 2001
From: MaxJa4 <74194322+MaxJa4@users.noreply.github.com>
Date: Sun, 30 Jan 2022 00:28:27 +0100
Subject: [PATCH 2/4] Added raspberry pi setup issue FAQ
Added raspberry pi setup issue FAQ/info
---
docs/faq.md | 4 ++++
docs/install/docker.md | 18 +++++++++++++++++-
2 files changed, 21 insertions(+), 1 deletion(-)
diff --git a/docs/faq.md b/docs/faq.md
index aeb12580..b09ff43c 100644
--- a/docs/faq.md
+++ b/docs/faq.md
@@ -45,6 +45,10 @@ The other common issue is that the recommended nginx container is removed from t
If removed, the nginx webserver needs to be replaced by something else that servers the /mediafiles/ directory or
`GUNICORN_MEDIA` needs to be enabled to allow media serving by the application container itself.
+## Why is Tandoor not working on my Raspberry Pi?
+
+Please refer to [here](install/docker.md#setup-issues-on-raspberry-pi).
+
## How can I create users?
To create a new user click on your name (top right corner) and select system. There click on invite links and create a new invite link.
diff --git a/docs/install/docker.md b/docs/install/docker.md
index da7a938a..82ef5900 100644
--- a/docs/install/docker.md
+++ b/docs/install/docker.md
@@ -333,4 +333,20 @@ ProxyPreserveHost On
ProxyRequests Off
ProxyPass / http://localhost:8080/ # replace port
ProxyPassReverse / http://localhost:8080/ # replace port
-```
\ No newline at end of file
+```
+
+### **Setup issues on Raspberry Pi**
+
+If you're having issues with installing Tandoor on your Raspberry Pi or similar device,
+follow these instructions:
+
+- Stop all Tandoor containers (`docker-compose down`)
+- Retry by starting everything again (`docker-compose up -d`) (yes, seriously; if the database starts too slow, the start of the web container will fail)
+
+If this doesn't work (and you waited at least 30-60 seconds after you started the containers), try this:
+
+- Stop all Tandoor containers (`docker-compose down`)
+- Delete local database folder (usually 'postgresql' in the same folder as your 'docker-compose.yml' file)
+- Start Tandoor containers again (`docker-compose up -d`)
+- Wait for at least 30-60 seconds and then check if everything is working now
+- If not, check logs of the web_recipes container with `docker logs ` and make sure that all migrations are indeed already done
\ No newline at end of file
From 300d1322664ce595349cde87daaee1a61296d2f2 Mon Sep 17 00:00:00 2001
From: MaxJa4 <74194322+MaxJa4@users.noreply.github.com>
Date: Sun, 30 Jan 2022 01:24:17 +0100
Subject: [PATCH 3/4] Removed retry process since it's fixed now
Removed retry process since it's fixed now by improvement/wait_for_db
---
docs/install/docker.md | 7 +------
1 file changed, 1 insertion(+), 6 deletions(-)
diff --git a/docs/install/docker.md b/docs/install/docker.md
index 82ef5900..ad336736 100644
--- a/docs/install/docker.md
+++ b/docs/install/docker.md
@@ -340,13 +340,8 @@ ProxyPassReverse / http://localhost:8080/ # replace port
If you're having issues with installing Tandoor on your Raspberry Pi or similar device,
follow these instructions:
-- Stop all Tandoor containers (`docker-compose down`)
-- Retry by starting everything again (`docker-compose up -d`) (yes, seriously; if the database starts too slow, the start of the web container will fail)
-
-If this doesn't work (and you waited at least 30-60 seconds after you started the containers), try this:
-
- Stop all Tandoor containers (`docker-compose down`)
- Delete local database folder (usually 'postgresql' in the same folder as your 'docker-compose.yml' file)
- Start Tandoor containers again (`docker-compose up -d`)
-- Wait for at least 30-60 seconds and then check if everything is working now
+- Wait for at least 30-60 seconds and then check if everything is working now (migrations can take quite some time!)
- If not, check logs of the web_recipes container with `docker logs ` and make sure that all migrations are indeed already done
\ No newline at end of file
From 39c3ce7ab2051fc178e99b50dbdca6c90004e1c8 Mon Sep 17 00:00:00 2001
From: MaxJa4 <74194322+MaxJa4@users.noreply.github.com>
Date: Mon, 31 Jan 2022 15:42:48 +0100
Subject: [PATCH 4/4] More emphasis on waiting for migrations
---
docs/install/docker.md | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/docs/install/docker.md b/docs/install/docker.md
index ad336736..233e05a6 100644
--- a/docs/install/docker.md
+++ b/docs/install/docker.md
@@ -337,11 +337,14 @@ ProxyPassReverse / http://localhost:8080/ # replace port
### **Setup issues on Raspberry Pi**
+!!!info
+ Always wait at least 2-3 minutes after the very first start, since migrations will take some time!
+
If you're having issues with installing Tandoor on your Raspberry Pi or similar device,
follow these instructions:
- Stop all Tandoor containers (`docker-compose down`)
- Delete local database folder (usually 'postgresql' in the same folder as your 'docker-compose.yml' file)
- Start Tandoor containers again (`docker-compose up -d`)
-- Wait for at least 30-60 seconds and then check if everything is working now (migrations can take quite some time!)
+- Wait for at least 2-3 minutes and then check if everything is working now (migrations can take quite some time!)
- If not, check logs of the web_recipes container with `docker logs ` and make sure that all migrations are indeed already done
\ No newline at end of file