[BUG] tinyauth breaks websocket #580
Description
Is there an existing issue for this?
- I have searched the existing issues
Current Behavior
Hi
With tinyauth enabled in grist (spreadsheets server) proxy-conf websockets do not work.
In self-check it throws:
url
wss://grist.<domain>/
error
Unexpected server response: 302
As soon as I comment tinyauth-location.conf (leaving tinyauth-server.conf) everything works again.
I'm not exactly a web dev so I'm unable to diagnose it more specifically.
Expected Behavior
Websockets work with tinyauth enabled.
Steps To Reproduce
Configure grist with tinyauth and check admin panel self-check.
Environment
- OS: Arch linux
- How docker service was installed: With docker-compose snippet from readme
- HTTP/3 is enabledCPU architecture
x86-64
Docker creation
swag:
container_name: swag
image: lscr.io/linuxserver/swag:latest
environment:
- TZ=Europe/Warsaw
- PUID=1000
- PGID=1000
- EMAIL=<email>
- URL=<domain>
- SUBDOMAINS=wildcard
- ONLY_SUBDOMAINS=true
- VALIDATION=dns
- DNSPLUGIN=cloudflare
- SWAG_AUTORELOAD=true
- DOCKER_MODS=linuxserver/mods:swag-dashboard|ghcr.io/linuxserver/mods:swag-crowdsec
- CROWDSEC_LAPI_URL=http://192.168.1.1:8080
- CROWDSEC_API_KEY=${CROWDSEC_KEY}
- DOCKER_HOST=tcp://host.docker.internal:2375
extra_hosts:
- host.docker.internal:host-gateway
ports:
- 443:443/tcp
- 443:443/udp
- 853:853/tcp
- 853:853/udp
volumes:
- /docker/appdata/swag:/config
- /etc/localtime:/etc/localtime:ro
restart: unless-stoppedContainer logs
[mod-init] Running Docker Modification Logic
[mod-init] Adding linuxserver/mods:swag-dashboard to container
[mod-init] linuxserver/mods:swag-dashboard at sha256:16d37722ab942242e62390f485e6500872d4eac524d0826ac7c96a6c4cce1516 has been previously applied skipping
[mod-init] Adding linuxserver/mods:swag-crowdsec to container
[mod-init] linuxserver/mods:swag-crowdsec at sha256:902c4b0a9b6eeee357dbdcfc9d53270e53864fa7e396efd3202898409f4a688c has been previously applied skipping
[migrations] started
[migrations] 01-nginx-site-confs-default: skipped
[migrations] 02-swag-old-certbot-paths: skipped
[migrations] done
usermod: no changes
───────────────────────────────────────
██╗ ███████╗██╗ ██████╗
██║ ██╔════╝██║██╔═══██╗
██║ ███████╗██║██║ ██║
██║ ╚════██║██║██║ ██║
███████╗███████║██║╚██████╔╝
╚══════╝╚══════╝╚═╝ ╚═════╝
Brought to you by linuxserver.io
───────────────────────────────────────
To support the app dev(s) visit:
Certbot: https://supporters.eff.org/donate/support-work-on-certbot
To support LSIO projects visit:
https://www.linuxserver.io/donate/
───────────────────────────────────────
GID/UID
───────────────────────────────────────
User UID: 1000
User GID: 1000
───────────────────────────────────────
Linuxserver.io version: 4.2.0-ls400
Build-date: 2025-08-05T19:30:14+00:00
───────────────────────────────────────
using keys found in /config/keys
Variables set:
PUID=1000
PGID=1000
TZ=Europe/Warsaw
URL=<domain>
SUBDOMAINS=wildcard
EXTRA_DOMAINS=
ONLY_SUBDOMAINS=true
VALIDATION=dns
CERTPROVIDER=
DNSPLUGIN=cloudflare
EMAIL=<email>
STAGING=
Using Let's Encrypt as the cert provider
SUBDOMAINS entered, processing
Wildcard cert for <domain> will be requested
E-mail address entered: <email>
dns validation via cloudflare plugin is selected
Certificate exists; parameters unchanged; starting nginx
The cert does not expire within the next day. Letting the cron script handle the renewal attempts overnight (2:08am).
**** Applying the SWAG dashboard mod... ****
**** goaccess already installed, skipping ****
**** libmaxminddb already installed, skipping ****
**** Applied the SWAG dashboard mod ****
[custom-init] No custom files found, skipping...
Auto-reload: Watching the following folders for changes to .conf files:
/config/nginx
[ls.io-init] done.
nginx: [error] [lua] crowdsec.lua:119: init(): error loading captcha plugin: no recaptcha site key provided, can't use recaptcha
nginx: [alert] [lua] crowdsec_nginx.conf:4):8: [Crowdsec] Initialisation done
Server ready