Mattermost, Inc.

Url in the email behind apache proxy

Hello,

I am having a problem with the link in the emails sent by the

mattermost. Im my setup, i have a mattermost behind a Apache proxy for the ssl and when the mattermost send a email, like the reset password email, the link is pointing to the http not the https.

The mattermost is get the information about the url from the rewrite rule in the apache configuration file of the site:

RewriteRule .* http://mysite.com:8065%{REQUEST_URI} [P,QSA,L]

The problem is that i can not change the site in the rewrite rule, otherwise the server stops to work.

Does anyone know how to solve this?

Thanks!

The full configuration of the site in the apache is here:

> <IfModule mod_ssl.c>
> <VirtualHost *:443>
>         ServerName mysite.com
>         ServerAdmin webmaster@example.org

>         ErrorLog ${APACHE_LOG_DIR}/mattermost-error.log
>         CustomLog ${APACHE_LOG_DIR}/mattermost-access.log combined
>         RewriteEngine On
>         RewriteCond %{REQUEST_URI} ^/api/v1/websocket [NC,OR]
>         RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC,OR]
>         RewriteCond %{HTTP:CONNECTION} ^Upgrade$ [NC]
>         RewriteRule .* ws://127.0.0.1:8065%{REQUEST_URI} [P,QSA,L]
>         RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
>         RewriteRule .* http://mysite.com:8065%{REQUEST_URI} [P,QSA,L]
> #        RequestHeader set X-Forwarded-Proto "https"
>         
>         RequestHeader unset If-Modified-Since
>         RequestHeader unset If-None-Match

>         <Location /api/v1/websocket>
>                 Require all granted
>                 ProxyPassReverse ws://127.0.0.1:8065/api/v1/websocket
>                 ProxyPassReverseCookieDomain 127.0.0.1 mysite.com
>         </Location>
>         <Location />
>                 Require all granted
>                 ProxyPassReverse http://127.0.0.1:8065/
>                 ProxyPassReverseCookieDomain 127.0.0.1 mysite.com
> </Location>
> # Some rewrite rules in this file were were disabled on your HTTPS site,
> # because they have the potential to create redirection loops.
> #         RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
> SSLCertificateFile /etc/letsencrypt/live/mysite.com/fullchain.pem
> SSLCertificateKeyFile /etc/letsencrypt/live/mysite.com/privkey.pem
> Include /etc/letsencrypt/options-ssl-apache.conf
> </VirtualHost>
> </IfModule>

I’m having a similar issue, except we’re using IIS url rewriting to offload the request to mattermost. I actually wrote a VERY simplistic changeset for mattermost to allow the specification of a “ProxyUrl” which is used to override the actual URL for situations like these. In my case, it’s not just a matter of HTTP to HTTPS, our hostnames and ports differ as well. The changeset worked beautifully for us, but it’d be great to know if there’s something OOTB that could work!

Hello,

I though the same, change in the code of mattermost to override with the url that i wanna, but i did not manage.

Can you send me the modification that you made? Maybe will work for me also.

Thanks

I created a patch for outside URL setting. It is useful for rewrite case and reverse proxy. You can change URL by config.json’s OutsideURL options.

The OutsideURL configuration syntax is “<PROTOCOL>://<HOSTNAME>(:<PORT>)”. You do not need last "/"slash.

The patch on GitHub

After 5 hours my patch was released, official SiteURL function was released.

Great work!!! Thanks for doing this. I ended up turning off email notifications for my team, good to know we’ll be able to turn it back on!!