Fix n8n proxy configuration for OpenLiteSpeed compatibility

- Change N8N_HOST to 0.0.0.0 (internal bind address, not domain) - Simplify VHost extraHeaders to ONLY set Origin header - Remove duplicate X-Forwarded-* headers (OLS adds these automatically) - Remove N8N_ALLOWED_ORIGINS and N8N_ALLOW_CONNECTIONS_FROM (not needed) The key issue was duplicate X-Forwarded-Host headers. OpenLiteSpeed proxy contexts automatically add X-Forwarded-* headers, so explicitly setting them creates duplicates that cause n8n validation to fail. Only the Origin header needs explicit configuration in extraHeaders. This works with the patched OLS binary (MD5: b9c65aa2563778975d0d2361494e9d31) that forwards Origin headers from the client.
2025-11-08 00:32:16 +05:00 · 2025-11-08 00:32:16 +05:00 · 120dcd3d20
parent 879fce8c5b
commit 120dcd3d20
1 changed files with 6 additions and 10 deletions
--- a/plogical/DockerSites.py
+++ b/plogical/DockerSites.py
@ -308,7 +308,9 @@ extprocessor docker{port} {{
                logging.writeToFile("Context already exists, skipping...")
                return True
            
-            # Add proxy context with proper headers for n8n
+            # Add proxy context with Origin header for n8n
+            # Note: OLS proxy automatically adds X-Forwarded-* headers
+            # Only Origin header needs explicit configuration
            proxy_context = f'''

 # N8N Proxy Configuration
@ -319,11 +321,7 @@ context / {{
  websocket               1

  extraHeaders            <<<END_extraHeaders
-  RequestHeader unset X-Forwarded-For
-  RequestHeader set X-Forwarded-For $ip
-  RequestHeader set X-Forwarded-Proto https
-  RequestHeader set X-Forwarded-Host "{domain}"
-  RequestHeader set Host "{domain}"
+  RequestHeader set Origin "https://{domain}"
  END_extraHeaders
 }}
 '''
@ -1368,7 +1366,7 @@ services:
                'DB_POSTGRESDB_DATABASE': self.data['MySQLDBName'],
                'DB_POSTGRESDB_USER': 'postgres',
                'DB_POSTGRESDB_PASSWORD': self.data['MySQLPassword'],
-                'N8N_HOST': f"{self.data['finalURL']}",
+                'N8N_HOST': '0.0.0.0',
                'N8N_PORT': '5678',
                'NODE_ENV': 'production',
                'N8N_EDITOR_BASE_URL': f"https://{self.data['finalURL']}",
@ -1381,9 +1379,7 @@ services:
                'DB_POSTGRESDB_SCHEMA': 'public',
                'N8N_PROTOCOL': 'https',
                'N8N_SECURE_COOKIE': 'true',
-                'N8N_PROXY_HOPS': '1',
-                'N8N_ALLOWED_ORIGINS': f"https://{self.data['finalURL']}",
-                'N8N_ALLOW_CONNECTIONS_FROM': '*'
+                'N8N_PROXY_HOPS': '1'
            }
        }