From 5dcdb65e552d51bdb25c97aace7a104694c1b96f Mon Sep 17 00:00:00 2001 From: Kavi Date: Wed, 22 Apr 2026 03:37:44 -0400 Subject: [PATCH] fix(nginx): proxy to kua-mail container directly over internal Docker network Avoids SSL loop through public domain. Join kua-services network to reach kua-mail:3800. Co-Authored-By: Claude Sonnet 4.6 --- docker-compose.yml | 3 +++ nginx.conf | 12 ++++++------ 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index c4d0f3b..d0094e9 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -5,6 +5,7 @@ services: restart: unless-stopped networks: - production_proxy + - kua-services labels: - "caddy=mail.kua.cl" - "caddy.reverse_proxy={{upstreams 80}}" @@ -18,3 +19,5 @@ services: networks: production_proxy: external: true + kua-services: + external: true diff --git a/nginx.conf b/nginx.conf index 861d66b..855b104 100644 --- a/nginx.conf +++ b/nginx.conf @@ -3,10 +3,10 @@ server { root /usr/share/nginx/html; index index.html; - # Proxy /api/* → backend (strip /api prefix) + # Proxy /api/* → kua-mail container on internal Docker network (strip /api prefix) location /api/ { - proxy_pass https://api.mail.kua.cl/; - proxy_set_header Host api.mail.kua.cl; + proxy_pass http://kua-mail:3800/; + proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_buffering off; @@ -15,10 +15,10 @@ server { proxy_set_header Connection ''; } - # Proxy /events → backend (no prefix strip) + # Proxy /events → kua-mail SSE endpoint location /events { - proxy_pass https://api.mail.kua.cl/events; - proxy_set_header Host api.mail.kua.cl; + proxy_pass http://kua-mail:3800/events; + proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_buffering off;