Syncthing gives mysterious CSRF errors when proxied by nginx and when placed on a subdomain. How can I get it working?
Relevant config file entry:
location / {
proxy_http_version 1.1;
proxy_set_header X-Real_IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_pass http://syncthing;
proxy_read_timeout 1200;
proxy_connect_timeout 240;
client_max_body_size 0;
}
I suggested that Syncthing should allow manual changing of actual server address it’s being served on (separated from bind address) but maintainer(s) said it’s all automagical (if it was it wouldn’t fail like this mistaking the proxy as CSRF).