From c6cc030052a14ade2cf2f3402eb59fc3b32fa05d Mon Sep 17 00:00:00 2001 From: Cal Corum Date: Fri, 20 Feb 2026 14:16:42 -0600 Subject: [PATCH] store: Fix: NPM health check needs /api/schema not /api; Ghost HTTP check removed due to HTTPS redirect --- ...pischema-not-api-ghost-http-chec-58f995.md | 26 +++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 graph/fixes/fix-npm-health-check-needs-apischema-not-api-ghost-http-chec-58f995.md diff --git a/graph/fixes/fix-npm-health-check-needs-apischema-not-api-ghost-http-chec-58f995.md b/graph/fixes/fix-npm-health-check-needs-apischema-not-api-ghost-http-chec-58f995.md new file mode 100644 index 00000000000..cf2df2fdae0 --- /dev/null +++ b/graph/fixes/fix-npm-health-check-needs-apischema-not-api-ghost-http-chec-58f995.md @@ -0,0 +1,26 @@ +--- +id: 58f9959c-19a1-480a-8bbe-802f6f5b05ed +type: fix +title: "Fix: NPM health check needs /api/schema not /api; Ghost HTTP check removed due to HTTPS redirect" +tags: [monitoring, n8n, homelab, fix, nginx-proxy-manager, ghost, http-checks] +importance: 0.5 +confidence: 0.8 +created: "2026-02-20T20:16:42.535881+00:00" +updated: "2026-02-20T20:16:42.535881+00:00" +--- + +## Problem 1: Nginx Proxy Manager API endpoint + +When configuring HTTP health checks for Nginx Proxy Manager, `/api` returns 404. The correct endpoint is `/api/schema` which returns HTTP 200. + +- Correct URL: `http://10.10.0.16:82/api/schema` + +## Problem 2: Ghost CMS HTTP check redirect loop + +Ghost CMS on sba-bots exposes port 2368, but Ghost returns a 301 redirect to HTTPS. With `allow_redirects=True` in `health_check.py`, the redirect target (HTTPS) causes a connection refused error from CT 302 since there is no HTTPS listener on that IP from CT 302's perspective. + +**Resolution:** Removed the Ghost HTTP check entirely. Container-level health check is sufficient, and Ghost is non-critical. Attempting to health check Ghost via HTTP from an internal network perspective is unreliable when it redirects to an external HTTPS hostname. + +## Lesson + +For services that redirect HTTP to HTTPS, rely on container health checks rather than HTTP endpoint checks when the HTTPS target is not accessible from the monitoring host.