I have been using Duplicati a long time to backup my Next Cloud.
Duplicati is installed on the same host as Next Cloud so therefore I use the reverse proxy functionality of NGINX with a subdirectory (also the web server for Next Cloud) to reach the web interface of Duplicati and protect it with the same certificate as Next Cloud.
Now that I have updated to 2.1.0.3 the reverse proxy does not work anymore - did use it before without password authentication - and I tried many different configurations for NGINX.
I also configured a password with the necessary steps so I does work like this:
http://:8400
My old NGINX config working with version 2.0.x of Duplicati looks like this:
First things first:
Duplicati is installed on Debian 12 without a GUI (headless server).
I added your two lines (tried something like this a few days ago after I âconsultedâ ChatGPT), but I am still stuck in a loop showing a message window with Duplicati in the background:
Connection lost: Connection to server was rejected due to invalid authentication.
Log in again, or re-open the page from the TrayIcon (if applicable)
Buttons: Help, Log in, and Reload
When I press reload or login, same message and screen appears in Chrome, in Safari I get to the login (pressing the login button), but after logging in getting back in the loop again.
I paste my complete nginx conf here for more information:
Hi,
sorry for taking so many days to answer but my youngest got an op last Friday.
I check the output in the developer tools and got this:
Refused to apply style from âhttps://next.cloud/backup/ngax/styles/dark.cssâ because its MIME type (âtext/htmlâ) is not a supported stylesheet MIME type, and strict MIME checking is enabled.
I am thinking something else is being served here? The MIME type is always set by the Duplicati server. Could this be a text document? Error page or similar?
I can see from the config that there are is some extra configuration in the file that mentions .css files with a try_files command.
That is the correct path. I asked ChatGPT for a fix, and it suggest that you need a URL rewrite to map /backup/ngax/... to /ngax/...:
Thank you so much for trying to help me.
I gave it a shot, but when I try https://next.cloud/backup I am redirected to https://next.cloud/backup/ngax/index.html and I get the âConnection lostâ - with âHelpâ, âLog inâ, and âReloadâ. âReloadâ loads the same screen and âLog inâ redirects to https://next.cloud/login (no backup directoryâŠ). That results in a page not found from Next Cloud. When I enter https://next.cloud/backup/login then I reach the login screen, but after entering my credentials get to the âConnection lostâ againâŠ
And developer mode shows: Failed to load resource: the server responded with a status of 401 () /backup/api/v1/auth/refresh:1
There are no changes to the way the UI/server works in that version, so it should behave the same.
When you enter the password on the /login page, that will set a cookie that is then passed to /backup/api/v1/auth/refresh. Since you get a 401, most likely that cookie is not being passed.
Do you see any error messages that could indicate why it is not there?
Can you confirm that the cookie is missing on the request? Can you see it being set on the login call?
Hi,
I tried my best and also made use of ChatGPT and now I can login when using https://next.cloud/backup/login.html, but whenever I use https://next.cloud/backup I am redirected to âHelpâ, âLog inâ, and âReloadâ again. Then reload is a loop and login redirects to https://next.cloud/login.html. ChatGPT tried to solve this with subfilters but that did not work. Here my current nginx configuration for the Duplciati proxy part:
location ^~ /backup/ {
proxy_pass http://127.0.0.1:8200/;
proxy_http_version 1.1;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection âupgradeâ;
proxy_cookie_path / /backup/;
}
The additional did not help:
proxy_redirect ~^(http[s]?://[^/]+)(/.*)$ $1/backup$2;
# Enable response modification
sub_filter_once off;
sub_filter '/login.html' '/backup/login.html';
sub_filter 'location.href = "/login.html"' 'location.href = "/backup/login.html"';
# Ensure sub_filter works for text/html and JavaScript files
proxy_set_header Accept-Encoding "";
Can you try to enable Developer Tools in the browser and see what errors you get? This will point to the problem with the login, and we can hopefully fix it once we know what is going wrong.
The trace you posted is for https://next.cloud/login.html which is clearly wrong, as it hits the proxy server and not Duplicati. If this is emitted by Duplicati, we should fix it to be more proxy friendly.
Can you try again with the developer tools and go (manually if needed) to https://next.cloud/backup/login.html and try the login there?
This should call (XHR) https://next.cloud/backup/api/v1/auth/login and return a cookie.
Then the page should redirect to https://next.cloud/backup/ngax/index.html.
This should call (XHR) https://next.cloud/backup/api/v1/auth/refresh and return an access token.
Finally, this should be used to open a websocket on https://next.cloud/backup/notifications.
Let me know where there are errors or where it diverges from the expected flow.
only error is: GET https://next.cloud/login.html 404 (Not Found)
Something is wrong with the redirect / sub filtering when using logout or the âLog inâ button from the âConnection Lostâ window.
Current nginx config for these tests after consulting ChatGPT again:
That one is an unrelated error. It seems that the UI sometimes uses an absolute redirect, and that trips up the page. This will just affect the login, and you have to manually adjust the URL by adding back the missing /backup/ part.
It is perhaps possible to fix this with elaborate rewrite rules, but I would argue that it is not worth it, and the problem should be fixed in Duplicati.
That is a different request and it is just fetching a static page.
Here you can see the request for notifications on my test setup. I think this request is failing on your system:
Thanks for engagement. I donât really know what you expect me to do now?
I logged out and logged in again while keeping the developer mode open.
There is nothing with wss (any hint for the web socket) and switching protocols. Furthermore I shared my nginx configuration.