chore

Author: tchapi

config/packages/framework.yaml

@@ -5,8 +5,6 @@ framework:
     #csrf_protection: true
     http_method_override: false
 
-    trusted_proxies: '%trusted_proxies%'
-
     # Enables session support. Note that the session will ONLY be started if you read or write from it.
     # Remove or comment this section to explicitly disable session support.
     session:

config/services.yaml

@@ -13,8 +13,6 @@ parameters:
     default_birthday_reminder_offset: "PT9H"
     caldav_enabled: "%env(bool:CALDAV_ENABLED)%"
     carddav_enabled: "%env(bool:CARDDAV_ENABLED)%"
-    trusted_proxies: '%env(default:default_trusted_proxies:TRUSTED_PROXIES)%'
-    default_trusted_proxies: '127.0.0.1,REMOTE_ADDR'
 
 services:
     # default configuration for services in *this* file

docker/configurations/Caddyfile

@@ -8,7 +8,13 @@
 	redir /.well-known/carddav /dav/
 
         root * /var/www/davis/public
-        php_fastcgi unix//var/run/php-fpm/php-fpm.sock
+        php_fastcgi unix//var/run/php-fpm/php-fpm.sock {
+                # Preserve the original X-Forwarded-Proto from upstream, as it might be HTTPS
+                header_up X-Forwarded-Proto {http.request.header.X-Forwarded-Proto}
+                header_up X-Forwarded-Host {http.request.header.X-Forwarded-Host}
+                header_up X-Forwarded-For {http.request.header.X-Forwarded-For}
+        }
+
         file_server {
                 # Safety net, just in case
                 hide .git .gitignore