PrestaShop, Docker, SSL, Nginx Reverse Proxy

This is a common problem for Prestashop as viewed on the https://github.com/PrestaShop/docker and Prestashop forums. Here’s some configurations I found necessary to handle this. I was able to get it working. First off, there are a few files you need to keep in mind: The DB has two tables: ps_shop_url, ps_ssl_enabled, which must be edited manually. The nginx.conf must have the right settings (they can be the same as a wordpress reverse proxy, so start there). And it was necessary to set $_SERVER[‘HTTPS’] = ‘on’; in the prestashop_root/config/ folder under one of the defines. I used defines_custom.inc.php. I understand this is not best practice, but I got it to work. Interested users should research where it’s best to put custom edits for Prestashop. Here’s quickly some more notes:

nginx.conf:
# shopping site redirect
server {
#server tokens hides the nginx identifying itself
server_tokens off;
server_name shop.mysite.com;
listen 80;

 

location ^~ /.well-known {
alias /var/www/html/.well-known/;
#autoindex on;
}
location / {
##** nginx redirect ALL http requests to https ** ##
return 301 https://$server_name$request_uri;
#from gist mentioned below
#rewrite ^ https://$host$request_uri? permanent;}
}server {
#server tokens hides the nginx identifying itself
server_tokens off;
server_name shop.mysite.com;
#listen 80;
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/mysite.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mysite.com/privkey.pem;location / {
proxy_redirect off;
proxy_pass http://prestashop;#these were from wp, but not usable here, according to:
#https://gist.github.com/chroriginal/8d8ea7d284bcc42055a6ba18c04aeccf
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;#this was from gist, but doesn't work.
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#proxy_set_header Host $http_host;
#proxy_set_header X-Forwarded-Proto https;
#from git issues tracker
proxy_connect_timeout 300;
proxy_send_timeout 300;
proxy_read_timeout 300;
send_timeout 300;}}

Here is the docker-compose.yml:

version: '3'


services:
  nginx:
    image: nginx:latest
    container_name: production_nginx
    volumes:
      - ./nginx.conf:/etc/nginx/nginx.conf
      - /etc/letsencrypt/:/etc/letsencrypt/
      - ./webroot/:/var/www/html/
    ports:
#be careful with these. Port 80 on container side must match nginx listen port. the host side port, is only for the docker proxy.
      - 80:80
      - 443:443

    restart: always
#    command: [nginx-debug, '-g', 'daemon off;']

  db_prestashop:
    image: mysql:5.7
    environment:
      - MYSQL_ROOT_PASSWORD=xxxxxx
      - MYSQL_USER=xxxxxx
      - MYSQL_PASSWORD=xxxxxx
      - MYSQL_DATABASE=prestashop
    volumes:
      - ./db_data_presta:/var/lib/mysql
      - ./db_conf_presta:/etc/mysql/
    restart: always

  prestashop:
    depends_on:
        - db_prestashop
    image: 'prestashop/prestashop'
    volumes:
       - ./presta_root:/var/www/html/
    environment:
      - DB_SERVER=db_prestashop
      - ADMIN_MAIL=xxxxxx
      - ADMIN_PASSWD=xxxxxx
      - VIRTUAL_HOST=https://URLHERE
      - VIRTUAL_PORT=80
      - PS_DOMAIN=https://URLHERE
      - DB_NAME=prestashop
      - DB_USER=xxxxxx
      - DB_PASSWD=xxxxxx
      restart=always

I don’t believe the DB_NAME or DB_USER variable is used in docker for prestashop. DB config is done at installation. Virtual host likewise, may not be necessary.

use prestashop
SELECT NAME, VALUE FROM ps_configuration WHERE NAME IN ('PS_SSL_ENABLED', 'PS_SSL_ENABLED_EVERYWHERE');
UPDATE ps_configuration SET VALUE = '1' WHERE NAME IN ('PS_SSL_ENABLED', 'PS_SSL_ENABLED_EVERYWHERE');
SELECT NAME, VALUE FROM ps_configuration WHERE NAME IN ('PS_SSL_ENABLED', 'PS_SSL_ENABLED_EVERYWHERE');

Also, one other change on the DB. You should ensure that your shop URL is set to be something like URL.com
You do NOT want https://URL.com in either domain or domain\_ssl in ps\_shop\_url

mysql> select * from ps_shop_url;
+-------------+---------+--------------------------+--------------------------+--------------+-------------+------+--------+
| id_shop_url | id_shop | domain                   | domain_ssl               | physical_uri | virtual_uri | main | active |
+-------------+---------+--------------------------+--------------------------+--------------+-------------+------+--------+
|           1 |       1 | shop.steaky.com | shop.steaky.com | /            |             |    1 |      1 |
+-------------+---------+--------------------------+--------------------------+--------------+-------------+------+--------+
1 row in set (0.00 sec)

3 Replies to “PrestaShop, Docker, SSL, Nginx Reverse Proxy”

  1. Hi. I have a VPS with an existing nginx installation that serves as reverse proxy for other apps, so I can’t replace it with a containerized nginx. I tried your configs and it worked perfectly for the install process. But when I enable SSL in the DB, I start getting inifinite redirects when I open the front page. Without SSL enabled it looks terrible because urls are being loaded with http, so the browser blocks them.
    Do you have any idea of what might be the cause of that?
    Thanks for the tutorial.

    1. I would recommend starting out with a fresh VPS, or local machine to start. Spin up a VM, if necessary. There were a number of changes that were necessary to fix the errors (including redirects) that I was getting. I tried to cover them all in this doc. As I mentioned, the prestashop forums, and issues tracker are good places to start. Did you make the changes in Nginx that are similar to wordpress? WordPress has an common issue with SSL, and it’s covered well online. You might need that. Something like:
      https://sceptico.wordpress.com/2019/02/14/nginx-reverse-proxy-setting-for-standalone-apache-wordpress-server/
      As an example, here is what I have for one of my nginx.conf wordpress reverse proxy ssl settings (the proxy pass and header settings):

          location / {
              proxy_redirect        off;
              proxy_pass http://dockerwordpresshostname;
              proxy_set_header      X-Real-IP $remote_addr;
              proxy_set_header      X-Forwarded-For $proxy_add_x_forwarded_for;
              proxy_set_header      Host \$host;
          }
      

Leave a Reply

Your email address will not be published. Required fields are marked *