LukeChannings/moviematch

[Bug] Vanilla docker run/compose raises ERR_SSL_PROTOCOL_ERROR

Closed this issue · 4 comments

pythoninthegrass commented

Describe the bug
Chrome (Chromium) attempts to redirect to HTTPS instead of unencrypted HTTP.

To Reproduce
Steps to reproduce the behavior:

  • docker run -it -e PLEX_URL=<Plex URL> -e PLEX_TOKEN=<Your Token> -p 8000:8000 lukechannings/moviematch or the docker-compose equivalent
  • Open localhost:8000
  • Chromium v84.0.4147.105 raises:
This site can’t provide a secure connection192.168.8.151 sent an invalid response.
Try running Windows Network Diagnostics.
ERR_SSL_PROTOCOL_ERROR

Expected behavior
Fallback to insecure connection with scary warnings when SSL termination doesn't happen.

Screenshots
2021-01-09 12_10_50-192 168 8 151 - Chromium

Desktop (please complete the following information):

  • OS: Windows 10 (v2004 Build 19041.685)
  • Browser: Chromium
  • Version: 84.0.4147.105

Smartphone (please complete the following information):

  • N/A

Additional context
I expect the results to be the same across OSes and browsers. Haven't thoroughly tested, but can if necessary. Ideally, MovieMatch would fallback to an insecure connection without an SSL cert instead of necessitating using nginx or traefik, but that sounds like the obvious upstream solution combined with Let's Encrypt or another CA's cert.

LukeChannings commented

Hey, thanks for the report!

MovieMatch does not redirect HTTP to HTTPS, and doesn't expose an option to configure TLS.

I suspect your browser or reverse proxy is configured to redirect HTTP to HTTPS.

The best way to successfully configure MovieMatch with TLS is with a reverse proxy that terminates TLS.

I have some example configurations here

pythoninthegrass commented

Ugh. Suspected that might be the case. I'll see if I can get a reverse proxy working. Bit of an Achilles' heel for me haha.

Also noticed that thumbnails are broken. I've set ROOT_PATH to /docker/containers/moviematch but noticed that it's not mounting any volumes. Can open a separate ticket, but thought I'd mention it if I'm missing something obvious.
2021-01-09 13_44_34-MovieMatch - Chromium

Thanks for your help @LukeChannings!

LukeChannings commented

ROOT_PATH should only be used it you're hosting MovieMatch behind a single domain.

For example, if you want apps.example.com/moviematch to point to MovieMatch, the ROOT_PATH should be moviematch.

It does not relate to volumes 😬

pythoninthegrass commented

ROOT_PATH should only be used it you're hosting MovieMatch behind a single domain.

That did it! Thumbnails are populating as expected. I'll close this ticket and look at setting up a reverse proxy.

Thanks again!

  • 👍1