• Welcome to the Chevereto user community!

    Here users from all over the world gather around to learn the latest about Chevereto and contribute with ideas to improve the software.

    Please keep in mind:

    • 😌 This community is user driven. Be polite with other users.
    • 👉 Is required to purchase a Chevereto license to participate in this community (doesn't apply to Pre-sales).
    • 💸 Purchase a Pro Subscription to get access to active software support and faster ticket response times.
  • Chevereto Support CLST

    Support response

    Support checklist

    • ⚠️ Got a Something went wrong message? Read this guide and provide the actual error. Do not skip this.
    • ✅ Confirm that the server meets the System Requirements
    • 🔥 Check for any available Hotfix - your issue could be already reported/fixed
    • 📚 Read documentation - It will be required to Debug and understand Errors for a faster support response

Can't upload more than 2MB photos, but only on SSL

swipe

swipe

Chevereto Member
Hi,

Apologies if I miss any details. I will try to be as descriptive as possible.

My problem is that I cannot upload big images on my site, but only if i'm using SSL. If I use an unsecure connection, bigger images will go through.

  • I have a VPS with a nginx reverse proxy pointing my domain (img.baconwood.net) to my server that I host at home.
  • I did a fresh install of Chevereto v4 on my home server using this guide: https://github.com/chevereto/vps and my OS for this machine is Ubuntu LTS 22.04.
  • I was able to go to /install and get things started.

I have configured /etc/php/8.1/apache2/conf.d/chevereto.ini as such:

Code: 
log_errors = On
upload_max_filesize = 1024M
post_max_size = 1024M
max_execution_time = 60
memory_limit = 1024M

I reloaded apache, then I went to my site's Settings, Image upload, and raised to match my Maximum upload file size to what I set in chevereto.ini (1024).

When I go to my site via my LAN, the connection is not secure but I am able to upload large images (+2MB)

However, if I go to my domain (img.baconwood.net) I can log in the site but if I upload the same image it will return an Internal server error. If I try with a smaller image, it works. I suppose it's probably a stupid mistake but I don't know what I'm doing wrong and I could use some help.

My nginx reverse proxy server on my VPS is configured as such:

Code: 
server {
    server_name img.baconwood.net;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

    location / {
        proxy_pass http://(my_home_ip_address);
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/img.baconwood.net/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/img.baconwood.net/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    add_header Strict-Transport-Security "max-age=31536000" always; # managed by Certbot

    ssl_trusted_certificate /etc/letsencrypt/live/img.baconwood.net/chain.pem; # managed by Certbot
    ssl_stapling on; # managed by Certbot
    ssl_stapling_verify on; # managed by Certbot
}

server {
    if ($host = img.baconwood.net) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    listen 80;
    server_name img.baconwood.net;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

    location / {
        proxy_pass http://(my_home_ip_address);
    }
}

To ensure the problem isn't related having the real visitor IP address, I took care of adding this on my home server's apache.conf
Code: 
RemoteIPHeader X-Forwarded-For

I could really use some help. I'm sorry if I missed some information, I'd be happy to share more if necessary, just let me know what you need to know. It's pretty much the last piece of my puzzle!

Thanks.
 
swipe said:
My nginx reverse proxy server on my VPS is configured as such
Click to expand...
When using a reverse proxy is this layer which limits request handling. You need to add this to your nginx configuration:

NGINX: 
client_max_body_size 64m;

swipe said:
RemoteIPHeader X-Forwarded-For
Click to expand...
X-Forwarded-For contains the chain of IPs involved in proxy resolution, for Chevereto you need to pass the header that denotes the unique client IP. This vary depending on your proxy setup, in 4.0.3 I added an environment variable for trusting headers from proxy.
👉 https://v4-docs.chevereto.com/application/configuration/environment.html#proxy

If you are into providing multiple Chevereto installations in one machine I recommend this: https://github.com/chevereto/docker our Docker provisioning is way superior than the VPS one.
 
Hey, I tried to add client_max_body_size 64m; to my nginx proxy config and it seems to have resolved the problem! Thanks a bunch.

I do want to say I'm pretty satisfied with chevereto. I'm not trying to make anything big, just trying to take ownership of my photo collection and free myself from big tech. This setup is perfect for me. Thanks a lot.
 
You must log in or register to reply here.
Back
Top