From 5624ecc65eeeffc0f2cbed5aa99a3155e3c143db Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20M=C3=A4der?= <mail@cimnine.ch>
Date: Tue, 2 Jun 2020 16:06:52 +0200
Subject: [PATCH] Remove the 'X-Forwarded-Proto' line from the nginx config

The reason is that in the default configuration nginx is only serving 'http' traffic.
So if an upstream proxy sets the 'X-Forwarded-Proto' header, because it is terminating
TLS, then nginx will overwrite it to 'http'. This will cause django to think the page
is served via 'http' and it will not create 'https://...' URLs.

Related to #292
---
 .gitignore        | 1 +
 docker/nginx.conf | 1 -
 2 files changed, 1 insertion(+), 1 deletion(-)

diff --git a/.gitignore b/.gitignore
index 97aa1b3..3389e7a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,3 +2,4 @@
 .netbox
 .initializers
 docker-compose.override.yml
+*.pem
diff --git a/docker/nginx.conf b/docker/nginx.conf
index 3b78a9f..edbd927 100644
--- a/docker/nginx.conf
+++ b/docker/nginx.conf
@@ -29,7 +29,6 @@ http {
             proxy_pass http://netbox:8001;
             proxy_set_header X-Forwarded-Host $http_host;
             proxy_set_header X-Real-IP $remote_addr;
-            proxy_set_header X-Forwarded-Proto $scheme;
             add_header P3P 'CP="ALL DSP COR PSAa PSDa OUR NOR ONL UNI COM NAV"';
         }
     }