Present SO via reverse proxy

[jpvlsmv]

I'd like to create a NGINX reverse proxy configuration, to wrap everything in an existing website:

location /protected/securityonion/ {
    proxy_pass https://mysoserver/;
    proxy_redirect default; 
}

But there are a lot of places where SO redirects the browser to bypass the proxy. One particularly important one is the Kratos authentication module.

Is there a place to set a "this is the top-level SO URL" to https://mywebsite/protected/securityonion/ for everything?

Thanks,
--Joe

[northben]

I'm also trying to set up a reverse proxy. Have you found out a way to disable the built-in SO certificate? I'd just like to serve SO on plain HTTP and let the reverse proxy handle the certificate.

[sinjap]

I'm using Nginx Proxy Manager and pointing to the IP address of the SO-node. The page loads with a black screen. Some JS files are not resolved due to a 504 error.

Does anybody have experience configuring SO correctky behind a Nginx reverse proxy?

[TOoSmOotH]

Having it as https://somehostname/securityonion will not work. However you can so securityonion.somehostname.com and change your baseurl.

[sinjap]

I've changed the base_url in the global.sls file and rebooted the VM. However, some js and css files are not loading due to a 504 error. By reverting the url_base to the hostname and accessing the host this way, the resources are loading correctly.

Do I need to pass any specific configuration to nginx when configuring SO behind a reverse proxy?