Gitbucket Issue #3358

Open
FuckingToasters opened this issue Sep 4, 2023 · 0 comments

FuckingToasters commented Sep 4, 2023

Issue

Impacted version: latest

Deployment mode: apache2

Problem description:
I wrote 2 different scripts: one to install GitBucket on port 8001 and set up virtual host configurations, and one to set up ufw firewall rules.

Here is the gitbucket script:

apt update && apt install -y default-jdk wget curl vim
curl -s  https://api.github.com/repos/gitbucket/gitbucket/releases/latest |grep browser_download_url  |  cut -d '"' -f 4  | grep '\.war$' | wget -i -
groupadd -g 555 gitbucket
useradd -g gitbucket --no-user-group --home-dir /opt/gitbucket --no-create-home --shell /usr/sbin/nologin --system --uid 555 gitbucket

mkdir /opt/gitbucket
mv gitbucket.war /opt/gitbucket
chown -R gitbucket:gitbucket /opt/gitbucket

cat >/etc/systemd/system/gitbucket.service <<EOL
# GitBucket Service
[Unit]
Description=GitBucket Service
After=network.target

[Service]
WorkingDirectory=/opt/gitbucket
ExecStart=/usr/bin/java -Xms128m -Xmx256m -jar gitbucket.war --port=8001
User=gitbucket
Group=gitbucket
Type=simple
Restart=on-failure
RestartSec=10

[Install]
WantedBy=multi-user.target
... 
EOL
systemctl daemon-reload
systemctl enable --now gitbucket
systemctl status gitbucket

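# Quote the heredoc delimiter so ${APACHE_LOG_DIR} is written literally for Apache to expand, not expanded by this shell
cat >> /etc/apache2/sites-available/gitbucket.conf <<'EOL'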
<VirtualHost *:80>
    ServerName git.thevault.net.ru
    DocumentRoot /opt/gitbucket

    <Directory /opt/gitbucket>
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/gitbucket_error.log
    CustomLog ${APACHE_LOG_DIR}/gitbucket_access.log combined

    # Reverse Proxy Configuration for GitBucket
    ProxyPass / http://localhost:8001/
    ProxyPassReverse / http://localhost:8001/
</VirtualHost>
EOL

a2enmod proxy && a2enmod proxy_http && a2enmod proxy_ajp
a2dissite gitbucket.conf && systemctl reload apache2 && a2ensite gitbucket.conf
systemctl reload apache2
systemctl restart apache2
systemctl status apache2

Here is the firewall script:

#!/bin/bash

sed -i -e 's/\r$//' /root/scripts/files/update_firewall.sh

# Show each command as executed to debug issues with certain commands.
#set -x

# Check if UFW is installed
if ! command -v ufw &>/dev/null; then
    # Install UFW silently using apt
    apt update -qq
    apt install -y -qq ufw
fi

# Retrieve the Cloudflare IPv4 and IPv6 ranges
IP_RANGES_IPV4=$(curl -s https://www.cloudflare.com/ips-v4)
IP_RANGES_IPV6=$(curl -s https://www.cloudflare.com/ips-v6)

# Flush existing firewall rules
ufw --force reset

# Set default policies
ufw default deny incoming
ufw default allow outgoing

# Allow loopback traffic
ufw allow in on lo

# Allow incoming TCP connections from Cloudflare IPv4 ranges on ports 1500, 1501, 8001 (custom ports), 80 and 443 (HTTP, HTTPS)
while read -r IP_RANGE; do
    ufw allow in from "$IP_RANGE" to any port 1500 proto tcp
    ufw allow in from "$IP_RANGE" to any port 1501 proto tcp
    ufw allow in from "$IP_RANGE" to any port 8001 proto tcp
    ufw allow in from "$IP_RANGE" to any port 80 proto tcp
    ufw allow in from "$IP_RANGE" to any port 443 proto tcp
done <<< "$IP_RANGES_IPV4"

# Allow incoming TCP connections from Cloudflare IPv6 ranges on ports 1500, 1501, 8001 (custom ports), 80 and 443 (HTTP, HTTPS)
while read -r IP_RANGE; do
    # Restrict to TCP, matching the IPv4 rules; without "proto tcp" ufw also allows UDP
    ufw allow in from "$IP_RANGE" to any port 1500 proto tcp
    ufw allow in from "$IP_RANGE" to any port 1501 proto tcp
    ufw allow in from "$IP_RANGE" to any port 8001 proto tcp
    ufw allow in from "$IP_RANGE" to any port 80 proto tcp
    ufw allow in from "$IP_RANGE" to any port 443 proto tcp
done <<< "$IP_RANGES_IPV6"

# Add exception for SSH login
ufw allow in to [SERVERIP REDACTED] port [REDACTED PORT]

# Enable UFW
ufw --force enable

The issue is that whenever I try to visit https://git.thevault.net.ru it shows the content of the main page https://thevault.net.ru (which is a forum) and not the GitBucket page. If I run curl on my VPS against localhost:8001 I get the GitBucket website's HTML structure.

On Cloudflare I added an A record, proxied through Cloudflare, pointing to my public VPS IP.
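
The firewall script in the post resets ufw and then builds its allow rules from whatever the two curl calls returned, so a failed or altered download ends up in the rule set unchecked. As an added example (not part of the original post or of GitBucket), one way to validate the fetched lists first; the function names are hypothetical:

```sh
#!/bin/sh
# Added example: sanity-check a fetched CIDR list before it reaches ufw.
# Function names are hypothetical and not part of the original script.

# is_ipv4_cidr CIDR: succeeds for a.b.c.d/n with octets 0-255 and n 0-32.
is_ipv4_cidr() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}$' || return 1
    [ "${1#*/}" -le 32 ] || return 1
    old_ifs=$IFS; IFS=.
    set -- ${1%/*}          # split the address part into its four octets
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# is_ipv6_cidr CIDR: syntactic check only (hex digits and colons, at least
# two colons, prefix 0-128); it is not a full IPv6 address parser.
is_ipv6_cidr() {
    printf '%s\n' "$1" | grep -Eq '^[0-9A-Fa-f:]+/[0-9]{1,3}$' || return 1
    case ${1%/*} in *:*:*) ;; *) return 1 ;; esac
    [ "${1#*/}" -le 128 ]
}

# validate_cidr_list FAMILY (4 or 6): reads one range per line on stdin.
# Prints the list and returns 0 only if every non-empty line is a valid
# range and there is at least one; otherwise prints nothing and returns 1.
validate_cidr_list() {
    family=$1 count=0 list=
    while IFS= read -r line || [ -n "$line" ]; do
        [ -n "$line" ] || continue
        "is_ipv${family}_cidr" "$line" || { echo "rejected: $line" >&2; return 1; }
        list="$list$line
"
        count=$((count + 1))
    done
    [ "$count" -gt 0 ] || return 1
    printf '%s' "$list"
}

# Intended use, before any "ufw --force reset":
#   IP_RANGES_IPV4=$(curl -fsS https://www.cloudflare.com/ips-v4 | validate_cidr_list 4) || exit 1
#   IP_RANGES_IPV6=$(curl -fsS https://www.cloudflare.com/ips-v6 | validate_cidr_list 6) || exit 1
```

Fetching and validating before the reset means a failed download aborts the script with the previous rule set still in place.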
