I have deployed medusa js on on a digital ocean droplet with Nginx.
It works fine on the local host when I run npm start and access the admin UI at http://localhost:9000/app
but when I try to do the same on the server with the same env variables it just redirects me back to the login page.
it gives 401 errors like this
here are details of one of the request
here are my evs
DATABASE_TYPE=postgres
DATABASE_URL=postgresql://.....
JWT_SECRET=bVra...
COOKIE_SECRET=J31X...
NPM_CONFIG_PRODUCTION=false
YARN_PRODUCTION=false
NODE_ENV=production
also when I try to fetch normal store API like https://api.everydayoptics.in/store/products it works fine:
I am using the default admin panel on the same domain, so it should not be a CORS error.
Here is my Nginx config I just left the root routes(everydayoptics.in and www.everydayoptics.in) to show the default Nginx page for now and use the API subdomain (api.everydayoptics.in) for the backend and admin panel.
server {
listen 80;
listen [::]:80;
server_name everydayoptics.in www.everydayoptics.in api.everydayoptics.in;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name www.everydayoptics.in;
ssl_certificate /etc/letsencrypt/live/everydayoptics.in/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/everydayoptics.in/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
return 301 https://everydayoptics.in$request_uri;
}
server {
server_name everydayoptics.in;
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/everydayoptics.in/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/everydayoptics.in/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
location / {
try_files $uri $uri/ =404;
}
}
server {
server_name api.everydayoptics.in;
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/everydayoptics.in/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/everydayoptics.in/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
location / {
proxy_pass http://localhost:9000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
So, this was an Nginx config issue, adding the following lines in the location of the last server block fixed my problem.