How to properly setup HTTPS for gogs?

gogs 0.11.91
Server version: Apache/2.4.6 (CentOS)

I was able to successfully setup https, but with port :3000 at the end. https://utl:3000/, how can I setup gogs without including the port :3000 in the url?

app.ini

[server]

PROTOCOL = https
DOMAIN = gogsdomaincom
HTTP_PORT = 3000
ROOT_URL = https://gogsdomaincom/
DISABLE_SSH = false
SSH_PORT = 22
START_SSH_SERVER = false
OFFLINE_MODE = false
CERT_FILE = /opt/gogs/custom/conf/cert.pem
KEY_FILE = /opt/gogs/custom/conf/key.pem

gogs.domain.com.conf

ServerName gogsdomaincom ServerAlias gogsdomaincom SSLCertificateFile /etc/letsencrypt/live/gogs.domain.com/cert.pem SSLCertificateKeyFile /etc/letsencrypt/live/gogs.domain.com/privkey.pem Include /etc/letsencrypt/options-ssl-apache.conf SSLCertificateChainFile /etc/letsencrypt/live/gogs.domain.com/chain.pem Order allow,deny Allow from all SSLProxyEngine on SSLProxyVerify none SSLProxyCheckPeerCN off SSLProxyCheckPeerName off SSLProxyCheckPeerExpire off ProxyPass / https://127.0.0.1:3000/ ProxyPassReverse / https://127.0.0.1:3000/

gogsdomain.conf

<VirtualHost *:80>
ServerName gogs.domain.com
ServerAlias gogs.domain.com
<Proxy *>
Order allow,deny
Allow from all

ProxyPreserveHost On
ProxyRequests off
ProxyPass / http://127.0.0.1:3000/
ProxyPassReverse / http://127.0.0.1:3000/
#Require all granted
RewriteEngine on
RewriteCond %{SERVER_NAME} =gogs.domain.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

Hi, you have reverse proxy, I don’t see why you can’t visit Gogs instance without :3000.

I still cant figure this ouw. any place that I should be looking at?

HTTPS has nothing to do with the port number, if you can’t visit your site without port number, then most likely the reverse proxy you use has incorrect configuration.

I am able to visit my site without the port,but if I do https://gogs.domain.com that is when I cant access the website.

What do you mean by “able to visit my site without the port”?

I was able to visit my url like this http://gogs.domain.com/ and I was also able to set up https but like this.

https://gogs.domain.com:3000/

but if I try to do https://gogs.domain.com/ this one wont work.

Ah, OK. I think the problem is you don’t/shouldn’t set up HTTPS in Gogs, instead you do it in the reverse proxy configuration. Gogs itself still accepts normal HTTP traffic behind the reverse proxy.

is it possible to do it with centos apache?

I have this on my HTTPS but keep getting send to the welcome page of apache instead of the content of gogs.

<VirtualHost *:443>

    ServerName gogs.domain.com
    ServerAlias gogs.domain.com
    SSLEngine On
    SSLProxyEngine On
SSLCertificateFile /etc/letsencrypt/live/gogs.domain.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/gogs.domain.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateChainFile /etc/letsencrypt/live/gogs.domain.com/chain.pem

<Proxy *>
     Order allow,deny
     Allow from all
</Proxy>
ProxyPreserveHost On
ProxyRequests off
ProxyPass / http://127.0.0.1:3000/
ProxyPassReverse / http://127.0.0.1:3000/

Yes, it is definitely possible, but I’m never used Apache myself, this article might be helpful: https://www.centosblog.com/configure-apache-https-reverse-proxy-centos-linux/

I was able to solve it. pretty weird actually. So I tried to copy my proxy configuration to the main httpd.conf and restart apache and it works and then I remove that configuration from httpd.conf and put it back to the host.conf file and it now works.

:joy: haha, I have no idea… but it’s solved!

haha yeah, it’s really weird.