Images do not load in self hosted drawio instance

Question

Images do not load in self hosted drawio instance

Closed this issue 2 years ago · 0 comments

Main Issue and behavior
When selecting 'Insert/edit drawing' the drawio instance opens but the image does not load.
Any edit or image created and then saved replaces the image in bookstack.
If the image is not highlighted and an image is created and saved in drawio, it inserts that image below the original.
Details
The original image exists in public/uploads/images/gallery/2023-05/original-image.png
The overwriting image exists in public/uploads/images/drawio/2023-05/new-image.png
I created both drawio and bookstack using docker-compose files.
I have tested that another service can open images in an embedded drawio setup, leading me to believe it is a issue with my bookstack configuration.
Config files

env
APP_ENV=production
APP_DEBUG=false
APP_KEY=SomeRandomStringWith32Characters
APP_URL=https://bookstack.domain.name
DB_HOST=mysql:3306
DB_DATABASE=bookstack
DB_USERNAME=bookstack
DB_PASSWORD=secret
CACHE_DRIVER=file
SESSION_DRIVER=file
QUEUE_DRIVER=sync
MEMCACHED_SERVERS=127.0.0.1:11211:100
STORAGE_TYPE=local
STORAGE_S3_KEY=false
STORAGE_S3_SECRET=false
STORAGE_S3_REGION=false
STORAGE_S3_BUCKET=false
STORAGE_URL=false
AUTH_METHOD=standard
GITHUB_APP_ID=false
GITHUB_APP_SECRET=false
GOOGLE_APP_ID=false
GOOGLE_APP_SECRET=false
DISABLE_EXTERNAL_SERVICES=false
LDAP_SERVER=false
LDAP_BASE_DN=false
LDAP_DN=false
LDAP_PASS=false
LDAP_USER_FILTER=false
LDAP_VERSION=false

  DRAWIO=https://drawio.infra.sdev:8443/?embed=1&proto=json&spin=1&stealth=1&configure=1
  ALLOWED_IFRAME_SOURCES="https://drawio.infra.sdev:8443"
  ALLOW_CONTENT_SCRIPTS=true

sslproxy.conf
ServerRoot "/usr/local/apache2"

LoadModule mpm_event_module modules/mod_mpm_event.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
LoadModule reqtimeout_module modules/mod_reqtimeout.so
LoadModule filter_module modules/mod_filter.so
LoadModule mime_module modules/mod_mime.so
LoadModule ldap_module modules/mod_ldap.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule env_module modules/mod_env.so
LoadModule headers_module modules/mod_headers.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule version_module modules/mod_version.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule unixd_module modules/mod_unixd.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule dir_module modules/mod_dir.so
LoadModule alias_module modules/mod_alias.so

User www-data
Group www-data

ServerAdmin you@example.com
ServerName bookstack.domain.name

AllowOverride none
Require all denied

DocumentRoot "/usr/local/apache2/htdocs"
<Directory "/usr/local/apache2/htdocs">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted

DirectoryIndex index.html

<Files ".ht*">
Require all denied

ErrorLog /proc/self/fd/2
LogLevel warn

LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"" combined
LogFormat "%h %l %u %t "%r" %>s %b" common

LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i" %I %O" combinedio

CustomLog /proc/self/fd/1 common

RequestHeader unset Proxy early

Include conf/extra/proxy-html.conf

Include conf/extra/httpd-ssl.conf

SSLRandomSeed startup builtin
SSLRandomSeed connect builtin

LDAPTrustedMode SSL
LDAPVerifyServerCert Off
<VirtualHost *:443>
ServerName bookstack.domain.name
SSLProxyEngine On
ProxyPass / http://127.0.0.1:8080/
ProxyPassReverse / http://127.0.0.1:8080/
ProxyRequests Off
SSLEngine On
SSLCertificateFile /usr/local/apache2/conf/server.crt
SSLCertificateKeyFile /usr/local/apache2/conf/server.key

base.blade.php
<script src="https://drawio.domain.name:8443" nonce="{{ $cspNonce }}"></script>
This was added to the yeild section at the bottom of this file to allow the drawio instance to open (based off a resolved issue, this + extra lines in the env file solved my issue)

docker-compose.yml
version: '2'
services:
mysql:
image: mysql:8.0
container_name: bookstack_db
networks:
default:
ipv4_address: x.x.x.x
environment:
- MYSQL_ROOT_PASSWORD=secret
- MYSQL_DATABASE=bookstack
- MYSQL_USER=bookstack
- MYSQL_PASSWORD=secret
volumes:
- mysql-data:/var/lib/mysql

sslproxy:
image: httpd:2.4-alpine
network_mode: "service:bookstack"
volumes:
- ./httpd.conf:/usr/local/apache2/conf/httpd.conf:ro
- ./server.key:/usr/local/apache2/conf/server.key:ro
- ./server.cert:/usr/local/apache2/conf/server.crt:ro

bookstack:
image: solidnerd/bookstack:23.5.1
container_name: bookstack
depends_on:
- mysql
networks:
default:
ipv4_address: x.x.x.x
environment:
- DB_HOST=mysql:3306
- DB_DATABASE=bookstack
- DB_USERNAME=bookstack
- DB_PASSWORD=secret
- APP_URL=https://bookstack.domian.name
volumes:
- uploads:/var/www/bookstack/public/uploads
- storage-uploads:/var/www/bookstack/storage/uploads
- ./env:/var/www/bookstack/.env:ro
- ./base.blade.php:/var/www/bookstack/resources/views/layouts/base.blade.php

volumes:
mysql-data:
uploads:
storage-uploads:

networks:
OMMITTED

Please let me know if there is any other information I can provide!