We have a Kirby installation running in Dokku with the default heroku-buildpack-php. In this setup, Kirby is running in an Apache2 instance at port 5000, which is proxied by the main Nginx server managed by Dokku. This setup has been running perfectly for more than a year.
Every month or so, I update the composer package so it stays up-to-date. Last week I did another update, including one from PHP 7.4 to PHP 8.0. That’s when things started breaking. For some reason, Kirby is serving all panel assets over HTTP, while the app (in Nginx) is running on HTTPS. I suspect this is because Kirby guesses the protocol from Apache, which is running internally.
For a few days now I have been trying to debug this issue, but I can’t make it work. I even deleted the app completely from Dokku and built a new one from scratch. I also tried reverting back to PHP 7.4, but somehow that doesn’t work either.
Then I configured
'url' => 'https://sub.domain.com', which fixed the issues to an extent. But then I ran into many other errors copying the original accounts and sessions folders, so I’m running a clean install. That’s where I am now, with a
pushState error from the installation path:
index.js:1 DOMException: Failed to execute 'pushState' on 'History': A history state object with URL 'http://sub.domain.com/panel/installation' cannot be created in a document with origin 'https://sub.domain.com' and URL 'https://sub.domain.com/panel/installation'.
Even though I’m forcing Kirby to use HTTPS, it’s still using HTTP there. Isn’t there a way to tell Kirby to always use HTTPS, regardless of the environment’s protocol?
UPDATE: If I disable HTTPS, everything works perfectly, so that’s clearly where the issue is. I’ve now managed to do the installation over HTTP, but after installing the cert, it’s broken again.