A few code changes in MythWeb will change the URLs to protocol relative URLs. This makes it much easier to put MythWeb behind a reverse proxy (like nginx) and add the security of SSL certificates.
All the links in MythWeb are hardwired as http (ie., insecure) as they include the full URL and protocol in all links / src references.
They should have the http:removed, so they look like this in the HTML:
Code: Select all
//my-public-domain/mythweb/tv/list
How I changed some code to fix this
In the folder /usr/share/mythtv/mythweb/includes I made the following changes
defines.php
Code: Select all
// $root_url = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 'https://' : 'http://';
$root_url = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? '//' : '//';
Code: Select all
// define('skin_url', 'skins/'.skin.'/' );
// define('skin_img_url', skin_url.'img/' );
define('skin_url', root_url.'skins/'.skin.'/' );
define('skin_img_url', skin_url.'img/' );
Code: Select all
# Redirect http to https for this domain
server {
listen 80;
server_name my-public-domain;
rewrite ^ https://$server_name$request_uri? permanent;
}
server {
listen 443 ssl;
server_name my-public-domain;
ssl_certificate /etc/letsencrypt/live/my-public-domain/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/my-public-domain/privkey.pem;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_pass http://INTERNAL-HOST-OF-MYTHWEB;
}
# Ask robots to ignore this domain
location /robots.txt {
add_header Content-Type text/plain;
return 200 "User-agent: *\nDisallow: /\n";
}
}