I have defined a reverse proxy like this:
server {
listen 443 ssl;
server_name testing.com;
ssl_certificate "C:/nginx/testing.crt";
ssl_certificate_key "C:/nginx/testing.key";
location / {
proxy_pass "http://127.0.0.1:8888/";
}
}
The reverse proxy works as intended. Now that we got that out of the way:
I have a case where i need to pass parameters in the URL and some of the parameters sometimes end with a dot (.) like this "https://testing.com/param1./param2/param3/param4."
But for some reason the URL that is received at the server looks like this "127.0.0.1:8888/param1/param2/param3/param4"
If i call the server directly like this "127.0.0.1:8888/param1./param2/param3/param4.", the parameters are correct. My guess is that nginx modifies the URL. Maybe the issues lies somewhere else...
I am on Windows 10. The server is a Go (golang) server that uses only built in libraries. I have setup self signed certificates and edited my hosts file (never had issues with those).
ALSO - my friend who is also working on this project has no issues even tho we have identical nginx setups, but the only difference is that he is on Linux.
Related
I'm successfully able to run a flask app on my IP:5000 path. A simple Hello World program that shows the output on my browser.
Now, what I would like to do is to configure NGINX with a proxy so that if I access only IP which apparently runs on a default port 80, it should navigate to port 5000 and show output of my application.
In other words...
This is working : IP:5000 -> Output = Hello world
This isn't working: IP -> This site can’t be reached
The server settings that I want to add would be something like this.
server {
listen 80;
server_name MY_IP;
location / {
proxy_pass http://127.0.0.1:5000;
}
}
However, I'm not sure where to add this? Should it be inside http block inside /etc/nginx/nginx.conf?
Updates: Based on the answers given below, I've managed to do the following.
I did restart nginx after this. However, I'm still facing the same issue. App works on IP:5000 but does not work on IP
The configuration you have mentioned should be in a separate file, assume example.com.conf under /etc/nginx/conf.d. You can put all the configuration in /etc/nginx/nginx.conf and it'll work, it's just that for readability we create separate configuration files which would be auto included when you add it inside conf.d.
Ok, the problem is fixed. As #senaps and #Mukanahallipatna had mentioned, I created the new configuration file under conf.d.
However, the most imp step that I was missing was this part mentioned in the below link.
It is recommended that you enable the most restrictive profile that will still allow the traffic you've configured. Since we haven't configured SSL for our server yet, in this guide, we will only need to allow traffic on port 80.
Reference Link
sudo ufw allow 'Nginx HTTP'
Now, everything is working fine.
Put the working blocks in a file with any_name.conf inside the folder named /etc/nginx/conf.d and it will be loaded automatically.
You will need to restart your nginx.
update:
What are you using to serve flask? if you are using uwsgi, then you should use configurations like this:
include uwsgi_params;
uwsgi_pass unix:path_to_your.sock;
Other options for uwsgi_pass are:
uwsgi_pass localhost:9000; #normal
uwsgi_pass uwsgi://localhost:9000;
uwsgi_pass suwsgi://[2001:db8::1]:9090; #uwsgi over ssl
If you are using gunicorn to serve your flask app, then your current configs should be fine, check if your app is running and if you can get your index page or not using 5000 port, then check for other problems. your configs looks good, maybe it's a problem on flask not being run?
I have nginx installed on a Raspberry Pi and this works okay. What I want to do is redirect traffic for a particular port to another server, and have that traffic come back through the Raspberry Pi. I've got the following in my default sites config;
server {
listen 9001;
server_name piweb;
location /transmission {
proxy_pass http://pyrate:9001/$uri$is_args$args;
proxy_set_header Host $host:$server_port;
}
}
But that doesn't work obviously. Is this even possible, or am I barking up the wrong tree?
your configuration seems almost OK, is http://pyrate:9001 accessible from your pi ? did you try with wget or similar tools ?
You should remove the $uri$is_args$args - it passes automatically.
Note that it'll search /transmission/[request] on remote server.
I have two server sections for nginx in different files.
The first one:
server {
server_name _;
...
}
The second one:
server {
server_name ~someRegex;
...
}
I have some constraints - I can't change the first server section (i.e. I can't edit first file)
Documentation says the following about server names priority:
exact name
longest wildcard name starting with an asterisk, e.g. “*.example.org”
longest wildcard name ending with an asterisk, e.g. “mail.*”
first matching regular expression (in order of appearance in a configuration file)
As I understand server_name _ is used as catch-all server.
So when I have request from host matched someRegex request is handled by first server section. Is there a way to handle these request by second server section?
Not quite.
_ simply renders the server_name invalid. See this document.
What makes a server block the default is either being defined first for a given port or being defined with the listen ... default_server modifier. See this document.
So your configuration will work as you expect, assuming that your regex is valid and that the second server block has indeed been installed by nginx. Check your error log after reloading nginx and/or test the configuration using
nginx -t
I'm getting some problems to make spiderable work with PhantomJS on my Ubuntu server. I saw this troubleshooting on Meteorpedia:
Ensure that the ROOT_URL that your Meteor server is configured to use
is accessible from the server itself. (Since v0.8.1.3[1])
I think that this could be a possible answer to why it is not working. What is exactly the purpose of this environment variable?
My application is publicly accessible on http://gentlenode.com/ but my proxy_pass on nginx is set to http://gentlenode/.
# HTTPS Server
server {
listen 443;
server_name gentlenode.com;
# ...
location / {
proxy_pass http://gentlenode/;
proxy_http_version 1.1;
# ...
}
}
Should I set ROOT_URL to http://gentlenode.com/, to http://gentlenode/ or to http://localhost/?
You can find my nginx configuration here: https://gist.github.com/LeCoupa/9877434
The ROOT_URL environment variable should be set to the URL that clients will be accessing your application with. So in your case, it would be http://gentlenode.com or https://gentlenode.com.
The ROOT_URL environment variable is read by Meteor.absoluteUrl, which is used in many (core) packages. Thus, setting ROOT_URL may be a requirement if you use these packages. spiderable is one such package.
// Line 62 of spiderable_server.js
var url = Spiderable._urlForPhantom(Meteor.absoluteUrl(), req.url);
I'll admit that we don't use spiderable so I'm not 100% certain if this will fix your problem, but here's what we do...
We set ROOT_URL to the URL which clients will use to initially connect. In your case, the nginx config automatically upgrades all HTTP requests to HTTPS, so all requests will be seen by your app under https://gentlenode.com. I think you should start your server after:
export ROOT_URL=https://gentlenode.com
Your proxy_pass section may be correct. We manually spell out the name of the local port. So we'd write:
proxy_pass http://localhost:58080;
If you have something that works already, this may not be necessary. I don't know all the quirks of nginx well enough to say if that part matters.
I have two servers, with identical minimal configuration (as far as I know!).
On server A, a query for
http://xxx.yyy.zzz.A/
returns the default nginx index.html page
On server B, a query for
http://xxx.yyy.zzz.B/
returns the default nginx index.html page
On server A, a query for
http://xxx.yyy.zzz.A/?%2F
returns the default nginx index.html page
On server B, a query for
http://xxx.yyy.zzz.B/?%2F
returns Error 324 (net::ERR_EMPTY_RESPONSE)
%2F is a CGI encoded forward slash, which is how I found this problem. It also seems to happen on %2G, %2H and %2I. I stopped testing here.
The 324 request does not show in access or error logs.
The relevant nginx.conf is
server {
listen 80 default_server;
server_name "";
location / {
root html;
index index.html index.htm;
}
}
What could possibly be the issue, or how could I further track it down?
Often problems like "hey this works half the time" or "this works on server A but not on server B" are loadbalancing/ proxy problems.
Did you check the configuration of your loadbalancer? Big chance something is wrong there and the errors are logged there.