Setting up a fresh install, my instance, no matter how many docker rm and relaunches I do, seems to be trying to redirect to the internal port instead of the external SSL port.
Looks to be https://github.com/bitwarden/self-host/blame/master/docker-unified/hbs/nginx-config.hbs on line 7 that's causing the issue.
CLI tests (easier to show):
```
curl -I http://mybitwardendomain.tld
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 12 Aug 2023 11:06:11 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://mybitwardendomain.tld:8443/

curl -I https://mybitwardendomain.tld
curl: (7) Failed to connect to mybitwardendomain.tld port 8443 after 15 ms: Couldn't connect to server

curl -I https://mybitwardendomain.tld
HTTP/2 200
server: nginx
date: Sat, 12 Aug 2023 11:19:31 GMT
content-type: text/html
content-length: 1238
last-modified: Tue, 25 Jul 2023 20:03:38 GMT
vary: Accept-Encoding
etag: "64c02a9a-4d6"
strict-transport-security: max-age=15768000
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self'; script-src 'self' 'wasm-unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://haveibeenpwned.com; child-src 'self' https://*.duosecurity.com https://*.duofederal.com; frame-src 'self' https://*.duosecurity.com https://*.duofederal.com; connect-src 'self' https://api.pwnedpasswords.com https://api.2fa.directory; object-src 'self' blob:;
x-frame-options: SAMEORIGIN
x-robots-tag: noindex, nofollow
accept-ranges: bytes
```
settings.env:
```
#####################
# Required Settings
#####################

# Server hostname
BW_DOMAIN=mybitwardendomain.tld

# Database
# Available providers are sqlserver, postgresql, mysql/mariadb, or sqlite
BW_DB_PROVIDER=postgresql
BW_DB_SERVER=10.8.96.3
BW_DB_DATABASE=bitwarden_vault
BW_DB_USERNAME=bitwarden
BW_DB_PASSWORD=postgres-password

# Installation information
# Get your ID and key from https://bitwarden.com/host/
BW_INSTALLATION_ID=generated-install-id
BW_INSTALLATION_KEY=generated-install-key

#####################
# Optional Settings
#####################
# Learn more here: https://bitwarden.com/help/environment-variables/

# Container user ID/group ID
#PUID=1000
#PGID=1000

# Webserver ports
BW_PORT_HTTP=8080
BW_PORT_HTTPS=8443

# SSL
BW_ENABLE_SSL=true
#BW_ENABLE_SSL_CA=true
BW_SSL_CERT=letsencrypt/live/mybitwardendomain.tld/fullchain.pem
BW_SSL_KEY=letsencrypt/live/mybitwardendomain.tld/privkey.pem
#BW_SSL_CA_CERT=ca.crt

# Services
# Some services, namely for enterprise use cases, are disabled by default. Defaults shown below.
BW_ENABLE_ADMIN=true
BW_ENABLE_API=true
BW_ENABLE_EVENTS=false
BW_ENABLE_ICONS=true
BW_ENABLE_IDENTITY=true
BW_ENABLE_NOTIFICATIONS=true
BW_ENABLE_SCIM=false
BW_ENABLE_SSO=false
BW_ICONS_PROXY_TO_CLOUD=false

# Mail
globalSettings__mail__replyToEmail=me@domain.com
globalSettings__mail__smtp__host=smtp.domain.com
globalSettings__mail__smtp__port=465
globalSettings__mail__smtp__ssl=true
globalSettings__mail__smtp__username=emailuser
globalSettings__mail__smtp__password='randomly generated password in marks due to symbols requirement'

# Yubikey
#globalSettings__yubico__clientId=REPLACE
#globalSettings__yubico__key=REPLACE

# Other
#globalSettings__disableUserRegistration=false
#globalSettings__hibpApiKey=REPLACE
#adminSettings__admins=admin1@email.com,admin2@email.com
```
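
The port mismatch reported above can be checked mechanically. The following is an added example, not part of the original post or of Bitwarden's code: it parses `curl -I` output and flags an HTTP-to-HTTPS redirect whose `Location` port differs from the port clients actually reach. The published port of 443 is an assumption taken from the successful `https://mybitwardendomain.tld` request in the post; the function names are hypothetical.

```python
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}
REDIRECTS = {301, 302, 303, 307, 308}

# Response to `curl -I http://mybitwardendomain.tld` from the post (abridged).
REPORTED = """HTTP/1.1 301 Moved Permanently
Server: nginx
Location: https://mybitwardendomain.tld:8443/
"""
# Constructed sample: the same redirect without the container-internal port.
EXPECTED = REPORTED.replace(":8443/", "/")

def parse_head(raw):
    """Split `curl -I` output into (status code, {lower-cased header: value})."""
    lines = [ln.strip() for ln in raw.strip().splitlines() if ln.strip()]
    status = int(lines[0].split()[1])
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return status, headers

def check_redirect(raw, host, published_port=443):
    """Return a list of findings; an empty list means the redirect is usable."""
    status, headers = parse_head(raw)
    if status not in REDIRECTS:
        return [f"status {status} is not a redirect"]
    location = headers.get("location")
    if not location:
        return ["redirect has no Location header"]
    target = urlsplit(location)
    findings = []
    if target.scheme != "https":
        findings.append(f"redirect target uses {target.scheme or 'no scheme'}, not https")
    if target.hostname != host:
        findings.append(f"redirect target host is {target.hostname}, expected {host}")
    # An absent port means the scheme default (443 for https).
    port = target.port or DEFAULT_PORTS.get(target.scheme)
    if port != published_port:
        findings.append(f"Location uses port {port}, clients reach HTTPS on {published_port}")
    return findings

if __name__ == "__main__":
    for name, raw in (("reported", REPORTED), ("expected", EXPECTED)):
        print(name, check_redirect(raw, "mybitwardendomain.tld") or "ok")
```

Pass `published_port` as whatever port is actually mapped on the host or fronting proxy; a redirect to any other port leaves plain-HTTP visitors unable to reach the TLS listener.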