Edit: Solution is in Nginx I disabled these: Cache Assets, Block Common Exploits, Websockets Support.
I can login using the local IP 192.168.1.2:9101, but when I route that with Nginx, It won’t.
I have the GUI listen address as : 0.0.0.0:9101
I’ve been googling for hours but I can’t find anything, In browser console it says
Failed to load resource: the server responded with a status of 403 ()
syncthing.my.domain.com/:1 Refused to execute script from 'https://syncthing.my.domain.com/meta.js' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
I’d definitely take a look at the syncthing logs…
The log doesn’t mention anything regarding a login attempt
403 Forbidden doesn’t necessarily mean a bad login attempt. Are you sure that’s the error? My troubleshooting steps would be to access directly (no nginx), and look at the logs for a successful login. Then, look try to login with nginx, and look at those logs (both access.log and error.log on nginx, and any/all logs from syncthing). Find out where the two cases diverge and go from there.
Does syncthing have a domain name specified? If it doesn’t know its domain name it may work from IP directly but not via reverse proxy. Just a hunch.
In Syncthing logs the difference between success and fail
Success
2024-04-29 00:46:58 http: POST "/rest/noauth/auth/password": status 204, 0 bytes in 62.48 ms 2024-04-29 00:46:58 http: GET "/rest/events?since=174": status 200, 240 bytes in 54538.81 ms 2024-04-29 00:46:58 http: GET "/": status 304, 0 bytes in 0.00 ms 2024-04-29 00:46:58 http: GET "/vendor/bootstrap/css/bootstrap.css": status 304, 0 bytes in 1.24 ms 2024-04-29 00:46:58 http: GET "/vendor/daterangepicker/daterangepicker.css": status 304, 0 bytes in 0.00 ms 2024-04-29 00:46:58 http: GET "/vendor/fork-awesome/css/fork-awesome.css": status 304, 0 bytes in 0.00 ms 2024-04-29 00:46:58 http: GET "/assets/font/raleway.css": status 304, 0 bytes in 0.00 ms
Fail
2024-04-29 00:44:09 http: POST "/rest/noauth/auth/password": status 403, 10 bytes in 237.16 ms 2024-04-29 00:44:09 http: GET "/modal.html": status 304, 0 bytes in 0.00 ms 2024-04-29 00:44:09 http: GET "/syncthing/core/editShareTemplate.html": status 304, 0 bytes in 0.07 ms 2024-04-29 00:44:10 http: POST "/rest/noauth/auth/password": status 204, 0 bytes in 85.43 ms 2024-04-29 00:44:11 http: GET "/": status 304, 0 bytes in 0.00 ms 2024-04-29 00:44:11 http: GET "/rest/svc/lang": status 200, 22 bytes in 0.00 ms
This suggests nginx options to use re: hostname. Unsure of your nginx config…
https://forum.syncthing.net/t/web-gui-over-nginx-proxy-only/13767
I managed to get it to work finally, I disabled these Cache Assets, Block Common Exploits, Websockets Support.