System is Debian 8 with standard versions of NGINX, php5-fpm, MariaDB.
I installed over a secure connection (with a Let's Encrypt certificate).
Other sites on the same server are working fine, so I don't think it is relevant, but we have a 1:1 NAT configuration (we are reachable on a public IP (that I used to install), but our VPS sees a private IP on its NIC).
Upon finishing the installation (Welcome to Phabricator), I was notified of the following insecure resources being loaded:
Accepting to load those over plain HTTP, I created the admin user and was shown this warning on the homepage (and all subsequent pages):
Phabricator thinks you are using HTTP, but your client is conviced that it is using HTTPS. This is a serious misconfiguration with subtle, but significant, consequences. See Documentation
I can't make anything of that linked documentation, right now (it's late here). Any leads? TIA