starred/BookStack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2026-02-07 03:09:44 +03:00
Code Issues 784 Packages Projects Releases 10 Wiki Activity

Bookstack | docker linuxserver/bookstack + nginx-proxy-manager #2040

New Issue
Closed
opened 2026-02-05 02:40:13 +03:00 by OVERLORD · 18 comments
OVERLORD commented 2026-02-05 02:40:13 +03:00
Owner
Copy Link

Originally created by @eyduh on GitHub (Jan 14, 2021).

Describe the bug
I'm not sure if this fits here but it relates to the way that bookstack behaves when behind a reverse proxy. I'm not sure if it is a setting the bookstack .env or config.php that needs to be added or if it's a setting in my proxy manager.
The interface looks fine when connecting straight to the local IP of the server but when I setup jc21/nginx-proxy-manager to redirect https://books.mydomain.xyz to the server I'm served a broken html site with huge nav menu icons. (screenshot at the bottom)

Steps To Reproduce

  1. Copy the docker compose from linuxserver/bookstack into portainer stack deployment.
  2. Connect to the local IP and setup a book page to try it out
  3. Setup nginx-proxy-manager to redirect https://books.domain.xyz
    nginx-proxy-manager forwards to http://my.server.local.ip:port with websocket support, force ssl, http2 & hsts enabled

I tried to add
APP_URL=https://books.domain.xyz
as well as the server IP:port and localhost:port
to the docker compose but then I get 502 bad gateway instead.

Expected behavior
As pretty of an interface as when I connect straight to the server.

Your Configuration (please complete the following information):
Version: BookStack v0.31.3
PHP: PHP 7.3.26
Install: https://hub.docker.com/r/linuxserver/bookstack

Additional context
It is running on an RaspberryPi 4 - 1GB ram with DietPi v6.34.3
nginx-proxy-manager is on the same pi

Screenshots
Screenshot_2021-01-14 Sfilms Bokhylla

Originally created by @eyduh on GitHub (Jan 14, 2021). **Describe the bug** I'm not sure if this fits here but it relates to the way that bookstack behaves when behind a reverse proxy. I'm not sure if it is a setting the bookstack .env or config.php that needs to be added or if it's a setting in my proxy manager. The interface looks fine when connecting straight to the local IP of the server but when I setup jc21/nginx-proxy-manager to redirect https://books.mydomain.xyz to the server I'm served a broken html site with huge nav menu icons. (screenshot at the bottom) **Steps To Reproduce** 1. Copy the docker compose from linuxserver/bookstack into portainer stack deployment. 2. Connect to the local IP and setup a book page to try it out 3. Setup nginx-proxy-manager to redirect https://books.domain.xyz nginx-proxy-manager forwards to http://my.server.local.ip:port with websocket support, force ssl, http2 & hsts enabled I tried to add APP_URL=https://books.domain.xyz as well as the server IP:port and localhost:port to the docker compose but then I get 502 bad gateway instead. **Expected behavior** As pretty of an interface as when I connect straight to the server. **Your Configuration (please complete the following information):** Version: BookStack v0.31.3 PHP: PHP 7.3.26 Install: https://hub.docker.com/r/linuxserver/bookstack **Additional context** It is running on an RaspberryPi 4 - 1GB ram with DietPi v6.34.3 nginx-proxy-manager is on the same pi **Screenshots** ![Screenshot_2021-01-14 Sfilms Bokhylla](https://user-images.githubusercontent.com/29815625/104571862-ed649b80-5653-11eb-8650-09825f11f121.png)
OVERLORD commented 2026-02-05 02:40:26 +03:00
Author
Owner
Copy Link

@maggie44 commented on GitHub (Jan 14, 2021):

I’m not familiar with nginx-proxy-manager, but if it is indeed nginx then somewhere in there will be an nginx.conf file which will likely need adjusting to fix it. Can you try and find that file and post it here?

@maggie44 commented on GitHub (Jan 14, 2021): I’m not familiar with nginx-proxy-manager, but if it is indeed nginx then somewhere in there will be an nginx.conf file which will likely need adjusting to fix it. Can you try and find that file and post it here?
OVERLORD commented 2026-02-05 02:40:34 +03:00
Author
Owner
Copy Link

@ssddanbrown commented on GitHub (Jan 15, 2021):

I tried to add
APP_URL=https://books.domain.xyz
as well as the server IP:port and localhost:port
to the docker compose but then I get 502 bad gateway instead.

This is odd, setting that should only really change the URL in the response data, unless you're actually being redirect when accessing https://books.domain.xyz to a URL which then fails.

@ssddanbrown commented on GitHub (Jan 15, 2021): > I tried to add > APP_URL=https://books.domain.xyz > as well as the server IP:port and localhost:port > to the docker compose but then I get 502 bad gateway instead. This is odd, setting that should only really change the URL in the response data, unless you're actually being redirect when accessing `https://books.domain.xyz` to a URL which then fails.
OVERLORD commented 2026-02-05 02:40:40 +03:00
Author
Owner
Copy Link

@devnope commented on GitHub (Jan 16, 2021):

Hi,
I faced the same issue as @eyduh ...
I think, I might have found a fix...

in my docker-compose file I changed the Portmapping to the following:

ports:  
      - 127.0.0.1:6875:80

in the /etc/hosts:

127.0.0.1 wiki.local .....

the APP_URL is then

APP_URL="https://wiki.local"

and the nginx has the following proxy url

proxy_pass http://127.0.0.1:6875;

I suppose, the problem with the app_url stuff is, that docker container can't answer the app_url without the portmapping and the etc/hosts relaying...

Setting the localhost in the port-mapping, the /etc/hosts and the nginx-config fixed it for me. I found out, that this was the issue for me, after I watched the site load with my browsers inspection mode running. Afterwards I tried to load the URLs for the CSS stuff. Then I noticed, that bookstack wasn't able to respond to wiki.local:6875. Maybe this helps reproducing and solving the issue in your config.

@devnope commented on GitHub (Jan 16, 2021): Hi, I faced the same issue as @eyduh ... I think, I might have found a fix... in my docker-compose file I changed the Portmapping to the following: ``` ports: - 127.0.0.1:6875:80 ``` in the /etc/hosts: ``` 127.0.0.1 wiki.local ..... ``` the APP_URL is then `APP_URL="https://wiki.local"` and the nginx has the following proxy url ``` proxy_pass http://127.0.0.1:6875; ``` I suppose, the problem with the app_url stuff is, that docker container can't answer the app_url without the portmapping and the etc/hosts relaying... Setting the localhost in the port-mapping, the /etc/hosts and the nginx-config fixed it for me. I found out, that this was the issue for me, after I watched the site load with my browsers inspection mode running. Afterwards I tried to load the URLs for the CSS stuff. Then I noticed, that bookstack wasn't able to respond to wiki.local:6875. Maybe this helps reproducing and solving the issue in your config.
OVERLORD commented 2026-02-05 02:40:47 +03:00
Author
Owner
Copy Link

@coaqii commented on GitHub (Jan 19, 2021):

I faced this issue too after updating to a newer version of bookstack. With a newer version of the linuxserver bookstack image you need to pass APP_URL with the docker env variables. It ignores the variable set in the .env file and overwrites it.
Have you set this to your APP_URL?

@coaqii commented on GitHub (Jan 19, 2021): I faced this issue too after updating to a newer version of bookstack. With a newer version of the linuxserver bookstack image you need to pass APP_URL with the docker env variables. It ignores the variable set in the .env file and overwrites it. Have you set this to your APP_URL?
OVERLORD commented 2026-02-05 02:40:55 +03:00
Author
Owner
Copy Link

@devnope commented on GitHub (Jan 23, 2021):

@coaqii I had set it in the docker-compose file

@devnope commented on GitHub (Jan 23, 2021): @coaqii I had set it in the docker-compose file
OVERLORD commented 2026-02-05 02:40:58 +03:00
Author
Owner
Copy Link

@eyduh commented on GitHub (Jan 23, 2021):

Sry, was preoccupied with some other issues.

Ok trying things one at a time:

APP_URL as environment variable

I set APP_URL=books.my.domain as an environment variable in the docker-compose part of portainer and I just get bad gateway. This is the same whether on it's own or with http:// or https://

APP_URL as env var. editing /etc/hosts & port mapping

APP_URL="https://books.local" as environment variable in the docker-compose portainer stack
setting ports: 127.0.0.1:6875
directing nginx-proxy-manager to http://books.local
editing both the docker /etc/hosts with
echo "127.0.0.1 books.local" >> /etc/hosts & the host system's /etc/hosts

Same result as before.

nginx.conf etc

I would rather not mess with the .conf files directly, that's the whole point of having jc21/nginx-proxy-manager (npm). Since I could access it on http://local.ip.address:port before I started messing with APP_URL I should be able to do ssl termination and forward to that ip with npm as I have with some other stuff deployed through docker on the local network.

However, I did have to set some php variables in config.php for the nextcloud instance to forward properly. npm also offers to set custom nginx variables through the web interface but. c:

Anyway, here's the confs:

/etc/nginx/nginx.conf 

# run nginx in foreground
daemon off;

user root;

# Set number of worker processes automatically based on number of CPU cores.
worker_processes auto;

# Enables the use of JIT for regular expressions to speed-up their processing.
pcre_jit on;

error_log /data/logs/error.log warn;

# Includes files with directives to load dynamic modules.
include /etc/nginx/modules/*.conf;

events {
        worker_connections  1024;
}

http {
        include                       /etc/nginx/mime.types;
        default_type                  application/octet-stream;
        sendfile                      on;
        server_tokens                 off;
        tcp_nopush                    on;
        tcp_nodelay                   on;
        client_body_temp_path         /tmp/nginx/body 1 2;
        keepalive_timeout             90s;
        proxy_connect_timeout         90s;
        proxy_send_timeout            90s;
        proxy_read_timeout            90s;
        ssl_prefer_server_ciphers     on;
        gzip                          on;
        proxy_ignore_client_abort     off;
        client_max_body_size          2000m;
        server_names_hash_bucket_size 1024;
        proxy_http_version            1.1;
        proxy_set_header              X-Forwarded-Scheme $scheme;
        proxy_set_header              X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header              Accept-Encoding "";
        proxy_cache                   off;
        proxy_cache_path              /var/lib/nginx/cache/public  levels=1:2 keys_zone=public-cache:30m max_size=192m;
        proxy_cache_path              /var/lib/nginx/cache/private levels=1:2 keys_zone=private-cache:5m max_size=1024m;

        log_format proxy '[$time_local] $upstream_cache_status $upstream_status $status - $request_method $scheme $host "$request_uri" [Client $remote_addr] [Length $body_bytes_sent] [Gzip $gzip_ratio] [Sent-to $server] "$http_user_agent" "$http_referer"';
        log_format standard '[$time_local] $status - $request_method $scheme $host "$request_uri" [Client $remote_addr] [Length $body_bytes_sent] [Gzip $gzip_ratio] "$http_user_agent" "$http_referer"';


        access_log /data/logs/default.log proxy;

        # Dynamically generated resolvers file
        include /etc/nginx/conf.d/include/resolvers.conf;

        # Default upstream scheme
        map $host $forward_scheme {
                default http;
        }

        # Real IP Determination
        # Docker subnet:
        set_real_ip_from 172.0.0.0/8;
        # Local subnets:
        set_real_ip_from 10.0.0.0/8;
        set_real_ip_from 192.0.0.0/8;
        # NPM generated CDN ip ranges:
        include conf.d/include/ip_ranges.conf;
        # always put the following 2 lines after ip subnets:
        real_ip_header X-Real-IP;
        real_ip_recursive on;

        # Files generated by NPM
        include /etc/nginx/conf.d/*.conf;
        include /data/nginx/default_host/*.conf;
        include /data/nginx/proxy_host/*.conf;
        include /data/nginx/redirection_host/*.conf;
        include /data/nginx/dead_host/*.conf;
        include /data/nginx/temp/*.conf;

        # Custom
        include /data/nginx/custom/http[.]conf;
}

stream {
        # Files generated by NPM
        include /data/nginx/stream/*.conf;

        # Custom
        include /data/nginx/custom/stream[.]conf;
}

# Custom
include /data/nginx/custom/root[.]conf;

and

/data/nginx/relevant.conf 


# ------------------------------------------------------------
# books.my.domain
# ------------------------------------------------------------


server {
  set $forward_scheme http;
  set $server         "books.local";
  set $port           6875;

  listen 80;
listen [::]:80;

listen 443 ssl http2;
listen [::]:443;


  server_name books.my.domain;


  # Let's Encrypt SSL
  include conf.d/include/letsencrypt-acme-challenge.conf;
  include conf.d/include/ssl-ciphers.conf;
  ssl_certificate /etc/letsencrypt/live/npm-6/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/npm-6/privkey.pem;






  # Block Exploits
  include conf.d/include/block-exploits.conf;



  # HSTS (ngx_http_headers_module is required) (31536000 seconds = 1 year)
  add_header Strict-Transport-Security "max-age=31536000; preload" always;




  access_log /data/logs/proxy_host-5.log proxy;







  location / {

    


    # Force SSL
    include conf.d/include/force-ssl.conf;




  # HSTS (ngx_http_headers_module is required) (31536000 seconds = 1 year)
  add_header Strict-Transport-Security "max-age=31536000; preload" always;




    
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $http_connection;
    proxy_http_version 1.1;
    

    # Proxy!
    include conf.d/include/proxy.conf;
  }


  # Custom
  include /data/nginx/custom/server_proxy[.]conf;
}

/etc/nginx/fastcgi.conf 

fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;

fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
fastcgi_param  REQUEST_URI        $request_uri;
fastcgi_param  DOCUMENT_URI       $document_uri;
fastcgi_param  DOCUMENT_ROOT      $document_root;
fastcgi_param  SERVER_PROTOCOL    $server_protocol;
fastcgi_param  REQUEST_SCHEME     $scheme;
fastcgi_param  HTTPS              $https if_not_empty;

fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;

fastcgi_param  REMOTE_ADDR        $remote_addr;
fastcgi_param  REMOTE_PORT        $remote_port;
fastcgi_param  SERVER_ADDR        $server_addr;
fastcgi_param  SERVER_PORT        $server_port;
fastcgi_param  SERVER_NAME        $server_name;

# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param  REDIRECT_STATUS    200;

standard confs that reside in /etc/nginx/*

jc21/nginx-proxy-manager git

@eyduh commented on GitHub (Jan 23, 2021): Sry, was preoccupied with some other issues. Ok trying things one at a time: # APP_URL as environment variable I set APP_URL=books.my.domain as an environment variable in the docker-compose part of portainer and I just get bad gateway. This is the same whether on it's own or with http:// or https:// # APP_URL as env var. editing /etc/hosts & port mapping APP_URL="https://books.local" as environment variable in the docker-compose portainer stack setting ports: 127.0.0.1:6875 directing nginx-proxy-manager to http://books.local editing both the docker /etc/hosts with `echo "127.0.0.1 books.local" >> /etc/hosts` & the host system's /etc/hosts Same result as before. # nginx.conf etc I would rather not mess with the .conf files directly, that's the whole point of having jc21/nginx-proxy-manager (npm). Since I could access it on http://local.ip.address:port before I started messing with APP_URL I should be able to do ssl termination and forward to that ip with npm as I have with some other stuff deployed through docker on the local network. However, I **did** have to set some php variables in config.php for the nextcloud instance to forward properly. npm also offers to set custom nginx variables through the web interface but. c: Anyway, here's the confs: <details> <summary>/etc/nginx/nginx.conf</summary> <p> ``` # run nginx in foreground daemon off; user root; # Set number of worker processes automatically based on number of CPU cores. worker_processes auto; # Enables the use of JIT for regular expressions to speed-up their processing. pcre_jit on; error_log /data/logs/error.log warn; # Includes files with directives to load dynamic modules. include /etc/nginx/modules/*.conf; events { worker_connections 1024; } http { include /etc/nginx/mime.types; default_type application/octet-stream; sendfile on; server_tokens off; tcp_nopush on; tcp_nodelay on; client_body_temp_path /tmp/nginx/body 1 2; keepalive_timeout 90s; proxy_connect_timeout 90s; proxy_send_timeout 90s; proxy_read_timeout 90s; ssl_prefer_server_ciphers on; gzip on; proxy_ignore_client_abort off; client_max_body_size 2000m; server_names_hash_bucket_size 1024; proxy_http_version 1.1; proxy_set_header X-Forwarded-Scheme $scheme; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Accept-Encoding ""; proxy_cache off; proxy_cache_path /var/lib/nginx/cache/public levels=1:2 keys_zone=public-cache:30m max_size=192m; proxy_cache_path /var/lib/nginx/cache/private levels=1:2 keys_zone=private-cache:5m max_size=1024m; log_format proxy '[$time_local] $upstream_cache_status $upstream_status $status - $request_method $scheme $host "$request_uri" [Client $remote_addr] [Length $body_bytes_sent] [Gzip $gzip_ratio] [Sent-to $server] "$http_user_agent" "$http_referer"'; log_format standard '[$time_local] $status - $request_method $scheme $host "$request_uri" [Client $remote_addr] [Length $body_bytes_sent] [Gzip $gzip_ratio] "$http_user_agent" "$http_referer"'; access_log /data/logs/default.log proxy; # Dynamically generated resolvers file include /etc/nginx/conf.d/include/resolvers.conf; # Default upstream scheme map $host $forward_scheme { default http; } # Real IP Determination # Docker subnet: set_real_ip_from 172.0.0.0/8; # Local subnets: set_real_ip_from 10.0.0.0/8; set_real_ip_from 192.0.0.0/8; # NPM generated CDN ip ranges: include conf.d/include/ip_ranges.conf; # always put the following 2 lines after ip subnets: real_ip_header X-Real-IP; real_ip_recursive on; # Files generated by NPM include /etc/nginx/conf.d/*.conf; include /data/nginx/default_host/*.conf; include /data/nginx/proxy_host/*.conf; include /data/nginx/redirection_host/*.conf; include /data/nginx/dead_host/*.conf; include /data/nginx/temp/*.conf; # Custom include /data/nginx/custom/http[.]conf; } stream { # Files generated by NPM include /data/nginx/stream/*.conf; # Custom include /data/nginx/custom/stream[.]conf; } # Custom include /data/nginx/custom/root[.]conf; ``` </p> </details> and <details> <summary>/data/nginx/relevant.conf</summary> <p> ``` # ------------------------------------------------------------ # books.my.domain # ------------------------------------------------------------ server { set $forward_scheme http; set $server "books.local"; set $port 6875; listen 80; listen [::]:80; listen 443 ssl http2; listen [::]:443; server_name books.my.domain; # Let's Encrypt SSL include conf.d/include/letsencrypt-acme-challenge.conf; include conf.d/include/ssl-ciphers.conf; ssl_certificate /etc/letsencrypt/live/npm-6/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/npm-6/privkey.pem; # Block Exploits include conf.d/include/block-exploits.conf; # HSTS (ngx_http_headers_module is required) (31536000 seconds = 1 year) add_header Strict-Transport-Security "max-age=31536000; preload" always; access_log /data/logs/proxy_host-5.log proxy; location / { # Force SSL include conf.d/include/force-ssl.conf; # HSTS (ngx_http_headers_module is required) (31536000 seconds = 1 year) add_header Strict-Transport-Security "max-age=31536000; preload" always; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $http_connection; proxy_http_version 1.1; # Proxy! include conf.d/include/proxy.conf; } # Custom include /data/nginx/custom/server_proxy[.]conf; } ``` </p> </details> <details> <summary>/etc/nginx/fastcgi.conf</summary> <p> ``` fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param QUERY_STRING $query_string; fastcgi_param REQUEST_METHOD $request_method; fastcgi_param CONTENT_TYPE $content_type; fastcgi_param CONTENT_LENGTH $content_length; fastcgi_param SCRIPT_NAME $fastcgi_script_name; fastcgi_param REQUEST_URI $request_uri; fastcgi_param DOCUMENT_URI $document_uri; fastcgi_param DOCUMENT_ROOT $document_root; fastcgi_param SERVER_PROTOCOL $server_protocol; fastcgi_param REQUEST_SCHEME $scheme; fastcgi_param HTTPS $https if_not_empty; fastcgi_param GATEWAY_INTERFACE CGI/1.1; fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; fastcgi_param REMOTE_ADDR $remote_addr; fastcgi_param REMOTE_PORT $remote_port; fastcgi_param SERVER_ADDR $server_addr; fastcgi_param SERVER_PORT $server_port; fastcgi_param SERVER_NAME $server_name; # PHP only, required if PHP was built with --enable-force-cgi-redirect fastcgi_param REDIRECT_STATUS 200; ``` </p> </details> <details> <summary>standard confs that reside in /etc/nginx/*</summary> <p> [jc21/nginx-proxy-manager git](https://github.com/jc21/nginx-proxy-manager/tree/master/docker/rootfs/etc/nginx) </p> </details>
OVERLORD commented 2026-02-05 02:41:04 +03:00
Author
Owner
Copy Link

@ssddanbrown commented on GitHub (Jan 24, 2021):

I set APP_URL=books.my.domain as an environment variable in the docker-compose part of portainer and I just get bad gateway. > This is the same whether on it's own or with http:// or https://

The value will need to include http:// or https://. I still think it's odd that this is giving you bad gateway.

  • Are there any uncommon characters in the URL?
  • Could you provide an example of how you're setting this option?
  • Do you have visibility of the bookstack container logs? I'd have thought something in the startup of the container is errorring so the container never starts serving and hence the bad gateway.
@ssddanbrown commented on GitHub (Jan 24, 2021): >I set APP_URL=books.my.domain as an environment variable in the docker-compose part of portainer and I just get bad gateway. > This is the same whether on it's own or with http:// or https:// The value will need to include `http://` or `https://`. I still think it's odd that this is giving you bad gateway. - Are there any uncommon characters in the URL? - Could you provide an example of how you're setting this option? - Do you have visibility of the bookstack container logs? I'd have thought something in the startup of the container is errorring so the container never starts serving and hence the bad gateway.
OVERLORD commented 2026-02-05 02:41:09 +03:00
Author
Owner
Copy Link

@eyduh commented on GitHub (Jan 24, 2021):

No weird characters, the url I would like to use is basically https://books.my.domain
with ssl termination at nginx-proxy-manager running in its own portainer stack on the same machine.

so
https://books.my.domain -> DNS -> gets IP -> Nginx takes care of ssl & forwards https://books.my.domain requests to a either
http://servers.local.ip.address:port ,
http://hostname:port or
http://localhost:port

Should I set APP_URL to the local http://address:port or the public https://books.my.domain?

I use portainer and the docker-compose from linuxserver.io https://hub.docker.com/r/linuxserver/bookstack

I would set the environment variable in the docker-compose web editor, not the environment variable section after the web editor block.

docker-compose 
---
version: "2"
services:
  bookstack:
    image: ghcr.io/linuxserver/bookstack
    container_name: bookstack
    environment:
      - PUID=1000
      - PGID=1000
      - APP_URL=http://books.local
      - DB_HOST=bookstack_db
      - DB_USER=bookstack
      - DB_PASS=averysecurepassword
      - DB_DATABASE=bookstackapp
    volumes:
      - /mnt/dietpi_userdata/bookstack:/config
    ports:
      - 127.0.0.1:6875:80
    restart: unless-stopped
    depends_on:
      - bookstack_db
  bookstack_db:
    image: ghcr.io/linuxserver/mariadb
    container_name: bookstack_db
    environment:
      - PUID=1000
      - PGID=1000
      - MYSQL_ROOT_PASSWORD=averysecurepassword
      - TZ=Europe/Stockholm
      - MYSQL_DATABASE=bookstackapp
      - MYSQL_USER=bookstack
      - MYSQL_PASSWORD=averysecurepassword
    volumes:
      - /mnt/dietpi_userdata/bookstack:/config
    restart: unless-stopped

I had a look both in the portainer log for the app and the db and it just tells me there are no logs?
If I attach to the image and have a look in /var/logs I find two empty folders, nginx & php
portainer inspect shows these processes running:
image

@eyduh commented on GitHub (Jan 24, 2021): No weird characters, the url I would like to use is basically https://books.my.domain with ssl termination at nginx-proxy-manager running in its own portainer stack on the same machine. so https://books.my.domain -> DNS -> gets IP -> Nginx takes care of ssl & forwards https://books.my.domain requests to a either http://servers.local.ip.address:port , http://hostname:port or http://localhost:port Should I set APP_URL to the local http://address:port or the public https://books.my.domain? I use portainer and the docker-compose from linuxserver.io https://hub.docker.com/r/linuxserver/bookstack I would set the environment variable in the docker-compose web editor, not the environment variable section after the web editor block. <details> <summary> docker-compose </summary> ``` --- version: "2" services: bookstack: image: ghcr.io/linuxserver/bookstack container_name: bookstack environment: - PUID=1000 - PGID=1000 - APP_URL=http://books.local - DB_HOST=bookstack_db - DB_USER=bookstack - DB_PASS=averysecurepassword - DB_DATABASE=bookstackapp volumes: - /mnt/dietpi_userdata/bookstack:/config ports: - 127.0.0.1:6875:80 restart: unless-stopped depends_on: - bookstack_db bookstack_db: image: ghcr.io/linuxserver/mariadb container_name: bookstack_db environment: - PUID=1000 - PGID=1000 - MYSQL_ROOT_PASSWORD=averysecurepassword - TZ=Europe/Stockholm - MYSQL_DATABASE=bookstackapp - MYSQL_USER=bookstack - MYSQL_PASSWORD=averysecurepassword volumes: - /mnt/dietpi_userdata/bookstack:/config restart: unless-stopped ``` </details> I had a look both in the portainer log for the app and the db and it just tells me there are no logs? If I attach to the image and have a look in /var/logs I find two empty folders, nginx & php portainer inspect shows these processes running: ![image](https://user-images.githubusercontent.com/29815625/105618958-c6ddf780-5ded-11eb-8543-bda790b453f7.png)
OVERLORD commented 2026-02-05 02:41:14 +03:00
Author
Owner
Copy Link

@cdrfun commented on GitHub (Feb 17, 2021):

@kdamianakis Please set up a separate issue to keep things separated. Make sure to add some details like your docker compose etc. I think this issue is a pretty good example of what's needed to solve an issue.

@cdrfun commented on GitHub (Feb 17, 2021): @kdamianakis Please set up a separate issue to keep things separated. Make sure to add some details like your docker compose etc. I think this issue is a pretty good example of what's needed to solve an issue.
OVERLORD commented 2026-02-05 02:41:18 +03:00
Author
Owner
Copy Link

@cdrfun commented on GitHub (Feb 17, 2021):

@eyduh

Should I set APP_URL to the local http://address:port or the public https://books.my.domain?

The APP_URL should be https://books.my.domain in your case. The public-facing URL of bookstack.

I've noticed your bookstack and database volumes are the same. I'm not sure if that's a problem, but I'd locate these in separate folders to be sure. If you don't have anything in your database, just throw it away, so bookstack can set it up again.

@cdrfun commented on GitHub (Feb 17, 2021): @eyduh > Should I set APP_URL to the local http://address:port or the public https://books.my.domain? The APP_URL should be https://books.my.domain in your case. The public-facing URL of bookstack. I've noticed your bookstack and database volumes are the same. I'm not sure if that's a problem, but I'd locate these in separate folders to be sure. If you don't have anything in your database, just throw it away, so bookstack can set it up again.
OVERLORD commented 2026-02-05 02:41:22 +03:00
Author
Owner
Copy Link

@peracchi commented on GitHub (Mar 11, 2021):

Same problem as @eyduh and others.

Two days trying several proposed solutions, Google and whatever.

Important note: I already had this scenario working several months ago. Just redone everything using same config files. Only Bookstack is not working fine with Nginx Proxy Manager so I suppose the problem is in something that changed on Bookstack.

I can provide configs and logs but they are more or less equal to info already on thread.

@peracchi commented on GitHub (Mar 11, 2021): Same problem as @eyduh and others. Two days trying several proposed solutions, Google and whatever. Important note: I already had this scenario working several months ago. Just redone everything using same config files. Only Bookstack is not working fine with Nginx Proxy Manager so I suppose the problem is in something that changed on Bookstack. I can provide configs and logs but they are more or less equal to info already on thread.
OVERLORD commented 2026-02-05 02:41:27 +03:00
Author
Owner
Copy Link

@cdrfun commented on GitHub (Mar 11, 2021):

@peracchi Please set up a separate issue to keep things separated. Make sure to add some details like your docker compose etc. I think this issue is a pretty good example of what's needed to solve an issue.

@cdrfun commented on GitHub (Mar 11, 2021): @peracchi Please set up a separate issue to keep things separated. Make sure to add some details like your docker compose etc. I think this issue is a pretty good example of what's needed to solve an issue.
OVERLORD commented 2026-02-05 02:41:33 +03:00
Author
Owner
Copy Link

@peracchi commented on GitHub (Mar 11, 2021):

I make it work again using the bellow files/settings:

/home/peracchi/docker/npm/docker-compose.yml

version: '3'
services:
  app:
    image: 'jc21/nginx-proxy-manager:latest'
    container_name: npm
    restart: always
    ports:
      # Public HTTP Port:
      - '80:80'
      # Public HTTPS Port:
      - '443:443'
      # Admin Web Port:
      - '81:81'
    environment:
    # These are the settings to access your db
      DB_SQLITE_FILE: "/data/database.sqlite"
      # Uncomment this if IPv6 is not enabled on your host
      DISABLE_IPV6: 'true'
    volumes:
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt
networks:
  default:
    external:
      name: custom_docker_network

/home/peracchi/docker/bookstack/docker-compose.yml

version: '2'
services:
  bookstack:
    image: ghcr.io/linuxserver/bookstack
    container_name: bookstack
    environment:
      - PUID=1000
      - PGID=1000
      - APP_URL=https://bookstack.mydomain.com
      - DB_HOST=bookstack_db
      - DB_USER=bookstack
      - DB_PASS=bookstack
      - DB_DATABASE=bookstackapp
    volumes:
      - ./bookstack:/config
#    ports:
#      - 6875:80
    restart: unless-stopped
    depends_on:
      - bookstack_db
  bookstack_db:
    image: ghcr.io/linuxserver/mariadb
    container_name: bookstack_db
    environment:
      - PUID=1000
      - PGID=1000
      - MYSQL_ROOT_PASSWORD=bookstack
      - TZ=America/Sao_Paulo
      - MYSQL_DATABASE=bookstackapp
      - MYSQL_USER=bookstack
      - MYSQL_PASSWORD=bookstack
    volumes:
      - ./mysql:/config
    restart: unless-stopped
networks:
  default:
    external:
      name: custom_docker_network

Nginx Proxy Manager

  Edit Proxy Host
    Details
      Domain Names -> bookstack.mydomain.com
      Scheme -> http
      Forward Hostname/IP -> bookstack
      Forward Port -> 80
    SSL
      SSL Certificate -> bookstack.mydomain.com
      [x] Force SSL
      [x] HTTP/2 Support
      [x] HSTS Enabled

I am using a Raspberry Pi 4 Model B Rev 1.2 with 4GB RAM and Manjaro ARM Linux aarch64 with Kernel 5.11.0-3-MANJARO-ARM as OS (best OS for RPI4 hands down! - use manjaro-arm-installer on your desktop and you will never look back).

Some references:
custom_docker_network -> https://nginxproxymanager.com/advanced-config/
Raspberry Pi 4 Minimal -> https://manjaro.org/download/#raspberry-pi-4-minimal

@eyduh @coaqii @devnope - if you try some or all settings above and it work for you please let me know.

@peracchi commented on GitHub (Mar 11, 2021): I make it work again using the bellow files/settings: **/home/peracchi/docker/npm/docker-compose.yml** ``` version: '3' services: app: image: 'jc21/nginx-proxy-manager:latest' container_name: npm restart: always ports: # Public HTTP Port: - '80:80' # Public HTTPS Port: - '443:443' # Admin Web Port: - '81:81' environment: # These are the settings to access your db DB_SQLITE_FILE: "/data/database.sqlite" # Uncomment this if IPv6 is not enabled on your host DISABLE_IPV6: 'true' volumes: - ./data:/data - ./letsencrypt:/etc/letsencrypt networks: default: external: name: custom_docker_network ``` **/home/peracchi/docker/bookstack/docker-compose.yml** ``` version: '2' services: bookstack: image: ghcr.io/linuxserver/bookstack container_name: bookstack environment: - PUID=1000 - PGID=1000 - APP_URL=https://bookstack.mydomain.com - DB_HOST=bookstack_db - DB_USER=bookstack - DB_PASS=bookstack - DB_DATABASE=bookstackapp volumes: - ./bookstack:/config # ports: # - 6875:80 restart: unless-stopped depends_on: - bookstack_db bookstack_db: image: ghcr.io/linuxserver/mariadb container_name: bookstack_db environment: - PUID=1000 - PGID=1000 - MYSQL_ROOT_PASSWORD=bookstack - TZ=America/Sao_Paulo - MYSQL_DATABASE=bookstackapp - MYSQL_USER=bookstack - MYSQL_PASSWORD=bookstack volumes: - ./mysql:/config restart: unless-stopped networks: default: external: name: custom_docker_network ``` **Nginx Proxy Manager** ``` Edit Proxy Host Details Domain Names -> bookstack.mydomain.com Scheme -> http Forward Hostname/IP -> bookstack Forward Port -> 80 SSL SSL Certificate -> bookstack.mydomain.com [x] Force SSL [x] HTTP/2 Support [x] HSTS Enabled ``` I am using a Raspberry Pi 4 Model B Rev 1.2 with 4GB RAM and Manjaro ARM Linux aarch64 with Kernel 5.11.0-3-MANJARO-ARM as OS (best OS for RPI4 hands down! - use _manjaro-arm-installer_ on your desktop and you will never look back). **Some references:** custom_docker_network -> https://nginxproxymanager.com/advanced-config/ Raspberry Pi 4 Minimal -> https://manjaro.org/download/#raspberry-pi-4-minimal @eyduh @coaqii @devnope - if you try some or all settings above and it work for you please let me know.
OVERLORD commented 2026-02-05 02:41:38 +03:00
Author
Owner
Copy Link

@ssddanbrown commented on GitHub (Mar 12, 2021):

Since the original author has not replied in a while, and since the comment chain is getting a little confusing here, I'll close this off.

@ssddanbrown commented on GitHub (Mar 12, 2021): Since the original author has not replied in a while, and since the comment chain is getting a little confusing here, I'll close this off.
OVERLORD commented 2026-02-05 02:41:41 +03:00
Author
Owner
Copy Link

@MatthK commented on GitHub (May 15, 2023):

I just fired up a docker container and also tried to access the site behind an nginx reverse proxy. Experienced the same problem, that the CSS files were served as unsecure items via http:// instead of https://

I then changed the APP_URL=http://bookstack.domain.com to APP_URL=https://bookstack.domain.com and it works flawelessy now.

My nginx site file is nothing fancy, so that shouldn't have much impact.

@MatthK commented on GitHub (May 15, 2023): I just fired up a docker container and also tried to access the site behind an nginx reverse proxy. Experienced the same problem, that the CSS files were served as unsecure items via http:// instead of https:// I then changed the `APP_URL=http://bookstack.domain.com` to `APP_URL=https://bookstack.domain.com` and it works flawelessy now. My nginx site file is nothing fancy, so that shouldn't have much impact.
OVERLORD commented 2026-02-05 02:41:46 +03:00
Author
Owner
Copy Link

@itsnanobug commented on GitHub (Jul 12, 2023):

I'm having this issue.
Everything but BookStack works.
I'm using Nginx Proxy Manager as my proxy and a wildcard certificate with Let's Encrypt through the Cloudflare API.
This part runs on Unraid, it will be changed in the future though.

It gives the strange view of BookStack that the OP had, that looks like the CSS messed up, but it works accessing it locally.
Here's a picture of the start
image

Currently my docker settings is the following (minus the password and stuff):

docker run
  -d
  --name='mycomaind.com_bookstack'
  --net='br0'
  --ip='10.0.10.32'
  -e TZ="Europe/Paris"
  -e HOST_OS="Unraid"
  -e HOST_HOSTNAME="HoloNet"
  -e HOST_CONTAINERNAME="mycomaind.com_bookstack
  -e 'TCP_PORT_80'='6875'
  -e 'APP_URL'='https://localhost'
  -e 'DB_HOST'='10.0.10.31'
  -e 'DB_PORT'='3306'
  -e 'DB_USER'='XYZ'
  -e 'DB_PASS'='XYZ'
  -e 'DB_DATABASE'='XYZ'
  -e 'PUID'='99'
  -e 'PGID'='100'
  -e 'UMASK'='022'
  -l net.unraid.docker.managed=dockerman
  -l net.unraid.docker.icon='https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/bookstack-logo.png'
  -v '/mnt/user/appdata/nanobug.dk/nanobug.dk_bookstack/':'/config':'rw' 'lscr.io/linuxserver/bookstack'
790ba3e16f8fd3f8bacbe8d9a5bfebbbcb9b20391937fa81f449d04f9dcae2af

The current file for the reverse proxy:

server {
  set $forward_scheme https;
  set $server         "10.0.10.32";
  set $port           443;

  listen 80;
listen [::]:80;

listen 443 ssl http2;
listen [::]:443 ssl http2;


  server_name test.nanobug.dk;


  # Let's Encrypt SSL
  include conf.d/include/letsencrypt-acme-challenge.conf;
  include conf.d/include/ssl-ciphers.conf;
  ssl_certificate /etc/letsencrypt/live/npm-1/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/npm-1/privkey.pem;






  # Block Exploits
  include conf.d/include/block-exploits.conf;







    # Force SSL
    include conf.d/include/force-ssl.conf;





  access_log /data/logs/proxy-host-3_access.log proxy;
  error_log /data/logs/proxy-host-3_error.log warn;







  location / {











    # Proxy!
    include conf.d/include/proxy.conf;
  }

The pictures from the Nginx Proxy Manager WebUI:
image
image

I've tried setting it to port 80/http as well, with the same issue.
I've tried different settings by changing one at a time, but no luck.
I've tried going over this video numerous time:
https://www.youtube.com/watch?v=dbDzPIv8Cf8&t=1376s

I'm not sure how to get it to work.
Any ideas?

@itsnanobug commented on GitHub (Jul 12, 2023): I'm having this issue. Everything but BookStack works. I'm using [Nginx Proxy Manager](https://nginxproxymanager.com) as my proxy and a wildcard certificate with Let's Encrypt through the Cloudflare API. This part runs on Unraid, it will be changed in the future though. It gives the strange view of BookStack that the OP had, that looks like the CSS messed up, but it works accessing it locally. Here's a picture of the start ![image](https://github.com/BookStackApp/BookStack/assets/64610851/2e024c68-224d-4a98-a12c-f3fe35f1a33f) Currently my docker settings is the following (minus the password and stuff): ``` docker run -d --name='mycomaind.com_bookstack' --net='br0' --ip='10.0.10.32' -e TZ="Europe/Paris" -e HOST_OS="Unraid" -e HOST_HOSTNAME="HoloNet" -e HOST_CONTAINERNAME="mycomaind.com_bookstack -e 'TCP_PORT_80'='6875' -e 'APP_URL'='https://localhost' -e 'DB_HOST'='10.0.10.31' -e 'DB_PORT'='3306' -e 'DB_USER'='XYZ' -e 'DB_PASS'='XYZ' -e 'DB_DATABASE'='XYZ' -e 'PUID'='99' -e 'PGID'='100' -e 'UMASK'='022' -l net.unraid.docker.managed=dockerman -l net.unraid.docker.icon='https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/bookstack-logo.png' -v '/mnt/user/appdata/nanobug.dk/nanobug.dk_bookstack/':'/config':'rw' 'lscr.io/linuxserver/bookstack' 790ba3e16f8fd3f8bacbe8d9a5bfebbbcb9b20391937fa81f449d04f9dcae2af ``` The current file for the reverse proxy: ``` server { set $forward_scheme https; set $server "10.0.10.32"; set $port 443; listen 80; listen [::]:80; listen 443 ssl http2; listen [::]:443 ssl http2; server_name test.nanobug.dk; # Let's Encrypt SSL include conf.d/include/letsencrypt-acme-challenge.conf; include conf.d/include/ssl-ciphers.conf; ssl_certificate /etc/letsencrypt/live/npm-1/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/npm-1/privkey.pem; # Block Exploits include conf.d/include/block-exploits.conf; # Force SSL include conf.d/include/force-ssl.conf; access_log /data/logs/proxy-host-3_access.log proxy; error_log /data/logs/proxy-host-3_error.log warn; location / { # Proxy! include conf.d/include/proxy.conf; } ``` The pictures from the Nginx Proxy Manager WebUI: ![image](https://github.com/BookStackApp/BookStack/assets/64610851/99a2dd66-8c03-4290-83b5-a164c6c7d27e) ![image](https://github.com/BookStackApp/BookStack/assets/64610851/a35eb3d2-5b7d-4861-8b04-c6c417ee34f8) I've tried setting it to port 80/http as well, with the same issue. I've tried different settings by changing one at a time, but no luck. I've tried going over this video numerous time: https://www.youtube.com/watch?v=dbDzPIv8Cf8&t=1376s I'm not sure how to get it to work. Any ideas?
OVERLORD commented 2026-02-05 02:41:52 +03:00
Author
Owner
Copy Link

@itsnanobug commented on GitHub (Jul 12, 2023):

Right after I posted this, I got it to work, so here I am again, posting my solution.

The APP_URL was the trickster for me.
I changed -e 'APP_URL'='https://mydomain.com' so it wasn't an IP, or local host, but the actual domain I'm going to access it from.
In Nginx Proxy Manager I pointed it to the IP address at port 80, in my case it's 10.0.10.32:80, and enabled the settings I wanted to.

@itsnanobug commented on GitHub (Jul 12, 2023): Right after I posted this, I got it to work, so here I am again, posting my solution. The APP_URL was the trickster for me. I changed `-e 'APP_URL'='https://mydomain.com'` so it wasn't an IP, or local host, but the actual domain I'm going to access it from. In Nginx Proxy Manager I pointed it to the IP address at port 80, in my case it's 10.0.10.32:80, and enabled the settings I wanted to.
OVERLORD commented 2026-02-05 02:41:57 +03:00
Author
Owner
Copy Link

@rdndsy commented on GitHub (Jun 7, 2024):

给出了 OP 所呈现的奇怪的 BookStack 视图,看起来像是 CSS 搞乱了,但它可以在本地访问它。
这是开始的图片

Same problem, fixed it with this method

@rdndsy commented on GitHub (Jun 7, 2024): > 给出了 OP 所呈现的奇怪的 BookStack 视图,看起来像是 CSS 搞乱了,但它可以在本地访问它。 > 这是开始的图片 Same problem, fixed it with this method
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
🎨 Design
📖 Docs Update
🐛 Bug
🐛 Bug
:cat2:🐈 Possible duplicate
💿 Database
Open to discussion
💻 Front-End
🐕 Support
🚪 Authentication
🌍 Translations
🔌 API Task
🏭 Back-End
Upstream
🔨 Feature Request
🛠️ Enhancement
🛠️ Enhancement
🛠️ Enhancement
❤️ Happy feedback
🔒 Security
🔍 Pending Validation
💆 UX
📝 WYSIWYG Editor
🌔 Out of scope
🔩 API Request
:octocat: Admin/Meta
🖌️ View Customization
Question
🚀 Priority
🛡️ Blocked
🚚 Export System
A11y
🔧 Maintenance
> Markdown Editor
pull-request
Mirrored from GitHub Pull Request
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
OVERLORD
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/BookStack#2040
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?