I update the .env file with new subdomain
Currently running on domain.com, switching to sub.domain.com
Restart the container
I get to the login, but it never goes beyond. Tried creating new users, login to existing user accounts, nothing works.
But any new user I create when on subdomain, even if it does not login when I switch back to original domain the user is there
Things I’ve tried
- docker-compose exec server corteza-server settings set auth.session.domain newdomain.example.com
** ChatGPT wanted to me run this and change server settings. No effect
- AUTH_SESSION_COOKIE_DOMAIN=app2.domain.com
** Added to .env - Same issue, no luck
- HTTP_WEBAPP_BASE_URL=https://app2.domain.com
** Added to .env - Same issue, no luck
I’m using Corteza v2024.9.2 in a Docker container behind nginx-proxy and Let’s Encrypt (acme-companion).
According to an AI code review leveraging Server configuration :: Corteza Docs
the issue is likely due to a mismatch between the base URL expected by the Corteza server and the actual URL being used to access the application. Ensure generated URLs and session cookies are correctly scoped to your new subdomain.
For Corteza version 2024.9.x, you should set the following variables in your .env
file:
-
DOMAIN=sub.domain.com
: This variable is crucial as it informs the Corteza backend of the primary domain it is being served from.
-
HTTP_WEBAPP_BASE_URL=https://sub.domain.com
: This variable specifies the base URL for the web applications, ensuring that links and redirects are generated correctly.
It is also good practice to ensure session cookie is correctly configured for your new subdomain to prevent login issues.
-
AUTH_SESSION_COOKIE_DOMAIN=sub.domain.com
: Explicitly sets the domain for the session cookie.
-
AUTH_SESSION_COOKIE_SECURE=true
: Since you are using Let’s Encrypt (HTTPS), this ensures cookies are only sent over a secure connection.
Recommended Action
-
Stop your Docker containers:
Bashdocker-compose down
-
Edit your
.env
file and add or modify the following lines, replacing sub.domain.com
with your actual subdomain:Code snippetDOMAIN=sub.domain.com HTTP_WEBAPP_BASE_URL=https://sub.domain.com AUTH_SESSION_COOKIE_DOMAIN=sub.domain.com AUTH_SESSION_COOKIE_SECURE=true
-
Restart your containers:
Bashdocker-compose up -d
The corteza-server settings set
command is generally not the recommended way to manage this configuration in a Docker environment, as environment variables in the .env
file take precedence and provide a more declarative and reproducible setup.
END
Hope this is useful.
1 Like
Thanks @simple1 for looking into this and responding.
So, I tried below but still the same issue, stuck at the login screen
DOMAIN=app2.domain.com
VERSION=2024.9.2
AUTH_SESSION_COOKIE_DOMAIN=app2.domain.com
HTTP_WEBAPP_BASE_URL=https://app2.domain.com
AUTH_SESSION_COOKIE_SECURE=true
Maybe try this.
Bashdocker-compose down
-
Update your
.env
file with the full required configuration, adding the new variable. Replace the CIDR with your actual network range if known, otherwise 172.16.0.0/12
is a safe starting point that covers most default Docker private networks.`Code snippet# — Existing and Assumed Correct Variables —
DOMAIN=app2.yourdomain.com
HTTP_WEBAPP_BASE_URL=https://app2.yourdomain.com
AUTH_SESSION_COOKIE_DOMAIN=app2.yourdomain.com
AUTH_SESSION_COOKIE_SECURE=true
— ADD THIS VARIABLE —
– Trust forwarded headers (X-Forwarded-For, X-Forwarded-Proto, etc.) from the Docker network where the reverse proxy lives. –
HTTP_FORWARDED_TRUSTED_CIDR=172.16.0.0/12`
-
Clear browser cache and cookies for
app2.yourdomain.com
to ensure you are not using old invalid session cookie.
-
Restart your containers.
Hope this works, out of suggestions if no go.
1 Like
Thanks, it worked. All it needed was the proxy container to be refreshed.
Simple domain setting was enough DOMAIN=app2.yourdomain.com
1 Like