fix: don't break when logging in with keycloak

.env.sample

@@ -42,6 +42,13 @@ PASSWORD_LOGIN_ENABLED=true
 SQL_LOG_LEVEL=WARN
 ROOT_LOG_LEVEL=WARN
 
+# for nginx
+NGINX_ACCESS_LOG_LOCATION="/dev/null"
+NGINX_ERROR_LOG_LOCATION="/dev/null"
+# Comment the previous two lines and uncomment these to enable logging
+#NGINX_ACCESS_LOG_LOCATION="/dev/stdout"
+#NGINX_ERROR_LOG_LOCATION="/dev/stderr"
+
 ## Privacy
 
 ENABLE_3PID_LOOKUP=true

abra.sh

@@ -5,7 +5,7 @@ export LOG_CONFIG_VERSION=v2
 export SHARED_SECRET_AUTH_VERSION=v1
 export SIGNAL_BRIDGE_YAML_VERSION=v4
 export TELEGRAM_BRIDGE_YAML_VERSION=v6
-export NGINX_CONFIG_VERSION=v4
+export NGINX_CONFIG_VERSION=v5
 export WK_SERVER_VERSION=v1
 export WK_CLIENT_VERSION=v1
 
@@ -13,7 +13,7 @@ set_admin () {
     admin=akadmin
     if [ -n "$1" ]
     then
-        admin=$1 
+        admin=$1
     fi
     psql -U synapse -c "UPDATE users SET admin = 1 WHERE name = '@$admin:$DOMAIN'";
 }

compose.yml

@@ -9,6 +9,8 @@ services:
       - internal
     environment:
       - STACK_NAME
+      - NGINX_ACCESS_LOG_LOCATION
+      - NGINX_ERROR_LOG_LOCATION
     configs:
       - source: nginx_config
         target: /etc/nginx/nginx.conf
@@ -25,7 +27,7 @@ services:
         - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`)"
         - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
         - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
-        - "coop-cloud.${STACK_NAME}.version=5.0.0+v1.93.0"
+        - "coop-cloud.${STACK_NAME}.version=5.0.1+v1.93.0"
         - "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
     healthcheck:
       test: curl -f http://synapse:8008/health || exit 1

nginx.conf.tmpl

@@ -8,15 +8,15 @@ http {
   server {
     listen 80;
 
-    access_log off;
-    error_log /dev/null;
+    access_log {{ env "NGINX_ACCESS_LOG_LOCATION" }};
+    error_log {{ env "NGINX_ERROR_LOG_LOCATION" }};
 
     server_name {{ env "DOMAIN" }};
 
     location ~* ^(\/_matrix|\/_synapse\/client) {
       proxy_pass http://{{ env "STACK_NAME"}}_synapse:8008;
       proxy_set_header X-Forwarded-For $remote_addr;
-      proxy_set_header X-Forwarded-Proto $scheme;
+      proxy_set_header X-Forwarded-Proto https;
       proxy_set_header Host $host;
       client_max_body_size 50M;
       proxy_http_version 1.1;

release/5.0.1+v1.93.0

@@ -0,0 +1,8 @@
+take care when upgrading! You need to add two variables to your .env file:
+use the following if you don't want any access logs (including users' IP addresses):
+NGINX_ACCESS_LOG_LOCATION="/dev/null"
+NGINX_ERROR_LOG_LOCATION="/dev/null"
+
+use the following if you want logs:
+NGINX_ACCESS_LOG_LOCATION="/dev/stdout"
+NGINX_ERROR_LOG_LOCATION="/dev/stderr"