[BUG] Some URLs don't get proxied, apparently with no pattern.

[RaduTek]

Is there an existing issue for this?

• I have searched the existing issues

Current Behavior

While trying to get Home Assistant set up through the proxy, I have noticed that certain features of the dashboard don't load.

https://subdomain.example.com/frontend_latest/92840.iVPDhi3ySC4.js
https://subdomain.example.com/frontend_latest/89936.br-lbzf4X2w.js
https://subdomain.example.com/frontend_latest/87501.f6_TT1Pv5G4.js

I opened these URLs in a new tab and found they all return the welcome page: www/index.html.

I noticed that any modifications to the URLs result into them being proxied through correctly. I haven't been able to identify a pattern that results in the odd behaviour.

Expected Behavior

The URLs should be proxied through.

Steps To Reproduce

1. Set up a Home Assistant instance with the proxy
2. Open the dashboard and look in developer console
3. Find URLs that do not load

To rule out any chance of Home Assistant causing the problem:

1. Remove proxy IP address from configuration.yaml - This results in all requests from proxy server returning a 400 error code
2. Try to open the found problematic URLs (either through a web browser or cURL)
3. Find that they still return the welcome page

To check if anything gets proxied through:

1. Modify any of the problematic URLs (insert or remove a character anywhere)
2. Try to open the URLs (either through a web browser or cURL)
3. Observe that the 400 error code is returned

Environment

- OS: Debian 12
- How docker service was installed: distro's package manager

CPU architecture

x86-64

Docker creation

services:
    swag-server:
        image: lscr.io/linuxserver/swag
        container_name: swag-server
        cap_add:
            - NET_ADMIN
        environment:
            - PUID=${APPUSER_PUID}
            - PGID=${APPUSER_PGID}
            - TZ=${TIMEZONE}
            - URL=${MY_URL}
            - SUBDOMAINS=wildcard
            - VALIDATION=dns
            - DNSPLUGIN=cloudflare
            - EMAIL=${MY_EMAIL}
            - ONLY_SUBDOMAINS=false
            - DOCKER_MODS=linuxserver/mods:swag-auto-reload
        volumes:
            - ./config:/config
        ports:
            - 1343:443
            - 1342:80
        restart: unless-stopped

Container logs

[mod-init] Running Docker Modification Logic
[mod-init] Adding linuxserver/mods:swag-auto-reload to container
[mod-init] Downloading linuxserver/mods:swag-auto-reload from lscr.io
[mod-init] Installing linuxserver/mods:swag-auto-reload
[mod-init] linuxserver/mods:swag-auto-reload applied to container
[migrations] started
[migrations] 01-nginx-site-confs-default: skipped
[migrations] done
───────────────────────────────────────

      ██╗     ███████╗██╗ ██████╗
      ██║     ██╔════╝██║██╔═══██╗
      ██║     ███████╗██║██║   ██║
      ██║     ╚════██║██║██║   ██║
      ███████╗███████║██║╚██████╔╝
      ╚══════╝╚══════╝╚═╝ ╚═════╝

   Brought to you by linuxserver.io
───────────────────────────────────────

To support the app dev(s) visit:
Certbot: https://supporters.eff.org/donate/support-work-on-certbot

To support LSIO projects visit:
https://www.linuxserver.io/donate/

───────────────────────────────────────
GID/UID
───────────────────────────────────────

User UID:    1000
User GID:    100
───────────────────────────────────────
Linuxserver.io version: 2.11.0-ls313
Build-date: 2024-07-27T03:23:38+00:00
───────────────────────────────────────
    
using keys found in /config/keys
Variables set:
PUID=1000
PGID=100
TZ=Europe/Bucharest
URL= <redacted>
SUBDOMAINS=wildcard
EXTRA_DOMAINS=
ONLY_SUBDOMAINS=false
VALIDATION=dns
CERTPROVIDER=
DNSPLUGIN=cloudflare
EMAIL= <redacted>
STAGING=

Using Let's Encrypt as the cert provider
SUBDOMAINS entered, processing
Wildcard cert for <redacted> will be requested
E-mail address entered: <redacted>
dns validation via cloudflare plugin is selected
Certificate exists; parameters unchanged; starting nginx
The cert does not expire within the next day. Letting the cron script handle the renewal attempts overnight (2:08am).
**** Adding swag-auto-reload deps to package install list ****
[pkg-install-init] **** Installing all mod packages ****
fetch http://dl-cdn.alpinelinux.org/alpine/v3.20/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/v3.20/community/x86_64/APKINDEX.tar.gz
(1/2) Installing inotify-tools-libs (4.23.9.0-r0)
(2/2) Installing inotify-tools (4.23.9.0-r0)
Executing busybox-1.36.1-r29.trigger
OK: 199 MiB in 219 packages
[custom-init] No custom files found, skipping...
MOD Auto-reload: Watching the following files/folders for changes (excluding .sample and .md files):
/config/nginx
[ls.io-init] done.
Server ready

[github-actions]

Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.

[RaduTek]

This is the Nginx configuration file homeassistant.subdomain.conf:

server {
    listen 443 ssl;
    listen [::]:443 ssl;

    server_name hass.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;

    location / {
        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app 192.168.1.200;
        set $upstream_port 1399;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;

    }

    location ~ ^/(api|local|media)/ {
        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app 192.168.1.200;
        set $upstream_port 1399;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
}

[RaduTek]

I can also add that I cannot reproduce this issue on a subdomain that proxies to a different service.

[aptalca]

This is most likely an nginx configuration issue (outside of your HA proxy conf) on your end. Let's continue on discord and if it turns out to be a bug, you can reopen this issue.