Skip to content
GitLab
Projects Groups Topics Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
  • Sign in
  • tutor-server tutor-server
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributor statistics
    • Graph
    • Compare revisions
    • Locked files
  • Issues 10
    • Issues 10
    • List
    • Boards
    • Service Desk
    • Milestones
    • Iterations
  • Merge requests 0
    • Merge requests 0
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Artifacts
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Packages and registries
    • Packages and registries
    • Package Registry
    • Container Registry
    • Terraform modules
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Code review
    • Issue
    • Repository
  • Wiki
    • Wiki
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • totemtotem
  • tutor-servertutor-server
  • Issues
  • #46
Closed
Open
Issue created Feb 24, 2021 by Maarten de Waard@maarten👼Developer

Admin interface not available

Since the Tutor upgrade (/ open edX upgrade to Koa), the Django admin interface at https://learn.totem-project.org/admin/ is not available and always returns a 403.

The reason for this is that we have an nginx IP address filter on that page. The Tutor upgrade put Caddy between nginx and the LMS. As a result nginx only sees requests that come from Caddy, and filters based on that.

The nginx logs confirm this:

nginx_1            | 2021/02/24 09:18:51 [error] 10#10: *9050 access forbidden by rule, client: <not my IP address>, server: learn.totem-project.org, request: "GET /admin/ HTTP/1.1", host: "learn.totem-project.org"

2 solutions possible:

  1. Move the IP filter to caddy
  2. Make sure nginx gets a forwarded IP address from Caddy. The nginx logs do seem to include IP addresses from users, so it seems like Caddy even already forwards something.
Assignee
Assign to
Time tracking