mirrors/overleaf-toolkit
1
0
Fork 0
mirror of https://github.com/overleaf/toolkit.git synced 2025-04-19 15:28:06 +02:00
Code Activity

Merge pull request #117 from overleaf/csh-tls-proxy-diagram

Browse source 
Clarify TLS proxy documentation
This commit is contained in:
Christopher Hoskin 2022-10-13 14:08:56 +01:00 committed by GitHub
commit f35648ab2c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 36 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

12
doc/overleaf-rc.md
View file

@ -36,8 +36,6 @@ Setting `SHARELATEX_LISTEN_IP` to either `0.0.0.0` or the external IP of your ho
Sets the host port that the container will bind to. For example, if this is set to `8099` and `SHARELATEX_LISTEN_IP` is set to `127.0.0.1`, then the web interface will be available on `http://localhost:8099`.
When used in conjunction with the [TLS Proxy](tls-proxy.md), the `proxy_pass` port in [nginx.conf](config/nginx/nginx.conf) also needs to be changed.
- Default: 80
@ -152,7 +150,7 @@ Typically this should be set to the external IP of your host.
### `TLS_PORT`
Sets the host port that the [TLS Proxy](tls-proxy.md) container will bind to for https. For example, if this is set to `8443`, then the https web interface will be available on `https://localhost:8443`.
Sets the host port that the [TLS Proxy](tls-proxy.md) container will bind to for https.
- Default: 443
@ -162,4 +160,10 @@ Sets the host IP address(es) that the [TLS Proxy](tls-proxy.md) container will b
Typically this should be set to the external IP of your host. Do not set it to `0.0.0.0` as this will typically cause a conflict with `SHARELATEX_LISTEN_IP`.
- Default: `127.0.1.1`
- Default: `127.0.1.1`
### `NGINX_HTTP_PORT`
Sets the host port that the [TLS Proxy](tls-proxy.md) container will bind to for http.
- Default: `80`

29
doc/tls-proxy.md
View file

@ -29,4 +29,31 @@ TLS_PORT=443
By default the https web interface will be available on `https://127.0.1.1:443`. Connections to `http://127.0.1.1:80` will be redirected to `https://127.0.1.1:443`. To change the IP address that NGINX listens on, set the `NGINX_HTTP_LISTEN_IP` and `NGINX_TLS_LISTEN_IP` variables. The ports can be changed via the `NGINX_HTTP_PORT` and `TLS_PORT` variables.
If NGINX fails to start with the error message `Error starting userland proxy: listen tcp4 ... bind: address already in use` ensure that `SHARELATEX_LISTEN_IP:SHARELATEX_PORT` does not overlap with `NGINX_HTTP_LISTEN_IP:NGINX_HTTP_PORT`.
If NGINX fails to start with the error message `Error starting userland proxy: listen tcp4 ... bind: address already in use` ensure that `SHARELATEX_LISTEN_IP:SHARELATEX_PORT` does not overlap with `NGINX_HTTP_LISTEN_IP:NGINX_HTTP_PORT`.
```mermaid
sequenceDiagram
participant user as User
participant external as Host External
participant internal as Host Internal
participant nginx as nginx
participant sharelatex as sharelatex
%% User connects to external host HTTP
user->>+ external: HTTP
note over external: NGINX_HTTP_LISTEN_IP:NGINX_HTTP_PORT
external->>+ nginx: HTTP
note over nginx: nginx:80
nginx-->>-external: 301
%% User connects to external host HTTPS
user->>+ external: HTTPS
note over external: NGINX_TLS_LISTEN_IP:TLS_PORT
external->>+ nginx: HTTPS
note over nginx: nginx:443
nginx->>+ sharelatex: HTTP
note over sharelatex: sharlatex:80
%% User connects to localhost HTTP
user->>+ internal: HTTP
note over internal: SHARELATEX_LISTEN_IP:SHARELATEX_PORT
internal->>+sharelatex: HTTP
note over sharelatex: sharlatex:80
```