I have been struggling for several months to be able to log in to the Duplicati Web GUI on a remote server. This worked fine until a recent update.
This is a non-dockerised headless install on Debian Bookworm. I have a duplicati.mysever.com domain registered.
Depending on different settings I have been getting various auth refused messages, typically the (now infamous) “Help Login Reload” popup or
Connection lost
Connection to server was rejected due to invalid authentication.
Log in again, or re-open the page from the TrayIcon (if applicable)
Looking at the debugger I was mainly getting 401 “cookie refused” or 403 “invalid hostname”.
I knew that my problems were coming from the virtual host proxy settings in Apache2, but finding the fix was far from simple. But now I have something that works! Hopefully this could help others.
(Replace duplicati.myserver.com with your hostname in the following)
/etc/default/duplicati
DAEMON_OPTS="--webservice-interface=any --webservice-port=8200 --webservice-allowed-hostnames=duplicati.myserver.com --portable-mode"
/etc/apache2/sites-available/duplicati-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster@localhost
ServerName duplicati.myserver.com
ErrorLog ${APACHE_LOG_DIR}/duplicati.error.log
CustomLog ${APACHE_LOG_DIR}/duplicati.access.log combined
AllowEncodedSlashes On
ProxyPass "/" "http://localhost:8200/"
ProxyPassReverse "/" "http://localhost:8200/"
ProxyPreserveHost On
ProxyRequests Off
SSLCertificateFile /etc/letsencrypt/live/duplicati.myserver.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/duplicati.myserver.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
<Location /notifications >
ProxyPass ws://127.0.0.1:8200/notifications
</Location>
</IfModule>
Please don’t ask me how/why this works - I’ve lost track already!
Please do add any improvements you may feel necessary.