[GeoNetwork-devel] Port issue for ogc-api-records-service

Hi All,

I’ve got geonetwork 4.2.5 and ogc-api-records-service 4.2.5 running as docker images behind nginx. There’s a loadbalancer forwarding https requests to port 80 in nginx. There’s no port set in the geonetwork port settings. So, I can visit https://myurl/geonetwork and https://myurl/geonetwork/api/collections and both resolve correctly. However, the generated links in the landing page, such as the links to the individual collections, all contain port 443, so they don’t work.

If I bypass the loadbalancer and nginx and tunnel to the site on (say) port 8087 then the generated links all include port 8087. I think this means that my issue is something to do with the way that the request is being forwarded via the loadbalancer and nginx, but is there anything I can configure in ogc-api-records-service rather than changing my nginx config (which is working for everything else)?

Thanks

Jo

···

Jo Cook
Data Discovery Lead, Astun Technology
t:+44 7930 524 155 | twitter:@archaeogeek | mastodon:@archaeogeek@anonymised.com.
Please note that currently I do not work on Friday afternoons. For urgent responses at that time, please visit support.astuntechnology.com or phone our office on 01372 744009

Hi Jo, you can check that you set headers ?
https://github.com/geonetwork/docker-geonetwork/blob/main/4.2.5/nginx/default.conf.template#L14-L16

HTH
Francois

···

Jo Cook
Data Discovery Lead, Astun Technology
t:+44 7930 524 155 | twitter:@archaeogeek | mastodon:@archaeogeek@anonymised.com.
Please note that currently I do not work on Friday afternoons. For urgent responses at that time, please visit support.astuntechnology.com or phone our office on 01372 744009

Hi Francois,

I have got headers set but not quite the same. Here’s my nginx config for GeoNetwork:

location /geonetwork {

default geonetwork in docker

add_header X-Frame-Options “SAMEORIGIN” always;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://geonetwork:8080;
add_header Cache-Control “no-store”;
client_max_body_size 30M;
proxy_send_timeout 36000;
proxy_read_timeout 36000;
send_timeout 36000;
proxy_intercept_errors on;
error_page 404 /404.html;
if ($http_x_forwarded_proto = “http”) {
rewrite ^/(.*)$ https://$host$request_uri;
}
}

Thanks

Jo

···

Jo Cook
Data Discovery Lead, Astun Technology
t:+44 7930 524 155 | twitter:@archaeogeek | mastodon:@archaeogeek@anonymised.com.
Please note that currently I do not work on Friday afternoons. For urgent responses at that time, please visit support.astuntechnology.com or phone our office on 01372 744009

Jo Cook
Data Discovery Lead, Astun Technology
t:+44 7930 524 155 | twitter:@archaeogeek | mastodon:@archaeogeek@anonymised.com.
Please note that currently I do not work on Friday afternoons. For urgent responses at that time, please visit support.astuntechnology.com or phone our office on 01372 744009

Hi Jo, Configuration looks fine, next check would be SERVER_FORWARDHEADERSSTRATEGY
https://github.com/geonetwork/docker-geonetwork/blob/main/4.2.5/docker-compose.yml#L115-L118
The config is used at https://sdi.eea.europa.eu/catalogue/api/collections/ for example.

Then no other suggestion.

Francois

···

Jo Cook
Data Discovery Lead, Astun Technology
t:+44 7930 524 155 | twitter:@archaeogeek | mastodon:@archaeogeek@anonymised.com.
Please note that currently I do not work on Friday afternoons. For urgent responses at that time, please visit support.astuntechnology.com or phone our office on 01372 744009

Jo Cook
Data Discovery Lead, Astun Technology
t:+44 7930 524 155 | twitter:@archaeogeek | mastodon:@archaeogeek@anonymised.com.
Please note that currently I do not work on Friday afternoons. For urgent responses at that time, please visit support.astuntechnology.com or phone our office on 01372 744009

Hi Francois,

I have it set to FRAMEWORK at the moment but have also tried NATIVE. I’m not really sure what the difference is though!

I’ll try bypassing the loadbalancer to further isolate where the problem is occurring.

Thanks

Jo

···

Jo Cook
Data Discovery Lead, Astun Technology
t:+44 7930 524 155 | twitter:@archaeogeek | mastodon:@archaeogeek@anonymised.com.
Please note that currently I do not work on Friday afternoons. For urgent responses at that time, please visit support.astuntechnology.com or phone our office on 01372 744009

Jo Cook
Data Discovery Lead, Astun Technology
t:+44 7930 524 155 | twitter:@archaeogeek | mastodon:@archaeogeek@anonymised.com.
Please note that currently I do not work on Friday afternoons. For urgent responses at that time, please visit support.astuntechnology.com or phone our office on 01372 744009

Jo Cook
Data Discovery Lead, Astun Technology
t:+44 7930 524 155 | twitter:@archaeogeek | mastodon:@archaeogeek@anonymised.com.
Please note that currently I do not work on Friday afternoons. For urgent responses at that time, please visit support.astuntechnology.com or phone our office on 01372 744009

Hi Francois,

I’ve just noticed something a bit strange which makes me question whether the issue is actually with the loadbalancer or nginx at all. If I go to https://myurl/geonetwork/api/collections then the link to https://myurl/geonetwork/api/collections/main not only has the port included, but it’s also http rather than https. However, the format links on the right, eg https://myurl/geonetwork/api/collections?f=html are correct.

If I go to https://myurl/geonetwork/api/collections/main the home link in the footer is correct but the link to https://myurl/geonetwork/api/collections/main/items is incorrect (wrong protocol and includes the port).

If I go to https://myurl/geonetwork/api/collections/main/items then the links to individual records are all correct.

It seems as if there are different ways of calculating the links?

Thanks

Jo

···

Jo Cook
Data Discovery Lead, Astun Technology
t:+44 7930 524 155 | twitter:@archaeogeek | mastodon:@archaeogeek@anonymised.com.
Please note that currently I do not work on Friday afternoons. For urgent responses at that time, please visit support.astuntechnology.com or phone our office on 01372 744009

Jo Cook
Data Discovery Lead, Astun Technology
t:+44 7930 524 155 | twitter:@archaeogeek | mastodon:@archaeogeek@anonymised.com.
Please note that currently I do not work on Friday afternoons. For urgent responses at that time, please visit support.astuntechnology.com or phone our office on 01372 744009

Jo Cook
Data Discovery Lead, Astun Technology
t:+44 7930 524 155 | twitter:@archaeogeek | mastodon:@archaeogeek@anonymised.com.
Please note that currently I do not work on Friday afternoons. For urgent responses at that time, please visit support.astuntechnology.com or phone our office on 01372 744009

Jo Cook
Data Discovery Lead, Astun Technology
t:+44 7930 524 155 | twitter:@archaeogeek | mastodon:@archaeogeek@anonymised.com.
Please note that currently I do not work on Friday afternoons. For urgent responses at that time, please visit support.astuntechnology.com or phone our office on 01372 744009