When I try to visit app2, this happens:
It works with http://123.456.789.255:8081
It doesn't work with https://app2.example.com, it goes to https://app2.example.com with https crossed out, but shows app1.
Why does this happen?
Here's the nginx configuration.
There are also A records for both subdomains.
events {}
http {
include mime.types;
proxy_connect_timeout 999;
proxy_send_timeout 999;
proxy_read_timeout 999;
send_timeout 999;
# APP 1 =============================================================
server {
listen 80;
server_name app1.example.com;
return 301 https://app1.example.com$request_uri;
}
server {
listen 443 ssl;
server_name app1.example.com;
ssl_certificate /etc/letsencrypt/live/app1.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/app1.example.com/privkey.pem;
location / {
proxy_pass 'http://localhost:3000/';
}
}
# APP 2 ============================================================
server {
listen 80;
server_name app2.example.com;
return 301 https://app2.example.com$request_uri;
}
server {
listen 443 ssl;
server_name app2.example.com;
ssl_certificate /etc/letsencrypt/live/app2.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/app2.example.com/privkey.pem;
location / {
proxy_pass 'http://127.0.0.1:8081';
}
}
}
Related
I have a rather simple question, i have an enviroment, where i have often changing subdomains, but some are also presistent, now i want to forward api.example.com to 1.2.3.4:8080 and all other incoming requests to 2.3.4.5:9090. My setup till now is that i forward all requests from the api subdomain points to 1.2.3.4:8080:
server {
listen 80;
listen [::]:80;
server_name api.example.com;
access_log /var/log/nginx/reverse-access.log;
error_log /var/log/nginx/reverse-error.log;
location / {
proxy_pass http://1.2.3.4:8080;
}
}
Now i need a way to point all other subdomains to 2.3.4.5:9090.
Use default_server in listen. See docs.
server {
listen 80;
listen [::]:80;
server_name api.example.com;
location / {
proxy_pass http://1.2.3.4:8080;
}
}
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
location / {
proxy_pass http://2.3.4.5:9090;
}
}
All you need is to dynamically resolve your subdomains. the following config will take care of your situation.
server {
listen 80;
listen [::]:80;
server_name ~^(?<subdomain>.+)\.example\.com;
access_log /var/log/nginx/reverse-access.log;
error_log /var/log/nginx/reverse-error.log;
location / {
if ($subdomain = "api") {
proxy_pass http://1.2.3.4:8080;
}
proxy_pass http://2.3.4.5:9090;
}
}
http {
server {
listen 4443 ssl;
server_name {{hostname}};
port_in_redirect off;
ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
location / {
# https://stackoverflow.com/questions/32845674/setup-nginx-not-to-crash-if-host-in-upstream-is-not-found/32846603#32846603
resolver 127.0.0.1 valid=30s;
proxy_pass http://app1:8080;
}
}
server {
listen 4444 ssl;
server_name X.{{hostname}};
port_in_redirect off;
ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
location / {
resolver 127.0.0.1 valid=30s;
proxy_pass http://app1:8080/my/path/;
}
}
}
# http://nginx.org/en/docs/stream/ngx_stream_ssl_preread_module.html
# https://stackoverflow.com/questions/34741571/nginx-tcp-forwarding-based-on-hostname/40135151#40135151
stream {
upstream app1 {
server 127.0.0.1:4443;
}
server {
listen 0.0.0.0:443;
proxy_connect_timeout 10s;
proxy_timeout 5m;
proxy_pass $target;
ssl_preread on;
}
access_log /var/log/nginx/access.log basic;
error_log /var/log/nginx/error.log error;
}
This is my nginx configuration.
This is part of a docker-compose setup. I proxy requests sent to https://hostname to the app1 container successfully.
Now my goal is to send requests sent to https://X.hostname to the app1 container, however to a different path.
For example:
Client sends request to https://A.hostname
Nginx forwards it to https://app1/my/path/
However the path is not being preserved, it's just forwarding it to https://app1
Tried many different solutions available online, and none worked.
I am running into an issue where nginx is somehow redirecting over and over but I don't understand why:
server {
listen 80;
server_name splunk.trever.me;
return 301 https://splunk.trever.me$request_uri;
}
# Port 443 https config
server {
listen 443 ssl http2;
server_name splunk.trever.me;
location / {
proxy_buffers 16 4k;
proxy_buffer_size 2k;
proxy_pass http://10.0.1.1:8000;
}
access_log /var/log/nginx/splunk.trever.me/access.log;
error_log /var/log/nginx/splunk.trever.me/error.log;
}
Am I missing something here? I looked at all the documentation and it doesnt seem to be wrong. Does this mean something upstream is sending the browser back to http?
use this:
server {
server_name splunk.trever.me;
if ($http_x_forwarded_proto = "http") {
return 301 https://$host$request_uri;
}
location / {
proxy_buffers 16 4k;
proxy_buffer_size 2k;
proxy_pass http://10.0.1.1:8000;
}
access_log /var/log/nginx/splunk.trever.me/access.log;
error_log /var/log/nginx/splunk.trever.me/error.log;
}
You can redirect the requests using the IF directive in nginx config.
server {
listen 80;
listen 443;
server_name splunk.trever.me;
if ($scheme = http) {
rewrite ^/(.*)$ https://splunk.trever.me/$1 permanent;
}
location / {
proxy_buffers 16 4k;
proxy_buffer_size 2k;
proxy_pass http://10.0.1.1:8000;
}
access_log /var/log/nginx/splunk.trever.me/access.log;
error_log /var/log/nginx/splunk.trever.me/error.log;
}
I would like to redirect my website after entering www.lombo.pl to only lombo.pl (with SSL certificate).
Now when something write www.lombo.pl it does not redirect. I tried to change my nginx file but still to no avail. The user can visit my website via www.lombo.pl (which at the same time shows an error because I do not have a SSL certificate configured for this domain).
upstream app_server {
server unix:/home/app/run/gunicorn.sock fail_timeout=0;
}
server {
#listen 80;
# add here the ip address of your server
# or a domain pointing to that ip (like example.com or www.example.com)
listen 443 ssl;
server_name lombo.pl;
ssl_certificate /etc/letsencrypt/live/lombo.pl/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/lombo.pl/privkey.pem;
server_name 157.245.228.127;
keepalive_timeout 5;
client_max_body_size 4G;
access_log /home/app/logs/nginx-access.log;
error_log /home/app/logs/nginx-error.log;
location /static/ {
alias /home/app/static/;
}
# checks for static file, if not found proxy to app
location / {
try_files $uri #proxy_to_app;
}
location #proxy_to_app {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://app_server;
}
}
server {
listen 80;
server_name lombo.pl;
return 301 https://$host$request_uri;
}
server {
listen 80;
server_name www.lombo.pl;
return 301 https://$host$request_uri;
}
server {
listen 443;
server_name www.lombo.pl;
return 301 https://$host$request_uri;
}
I would like to achieve the following with nginx. There is one domain with different paths. Each path should proxy the request to a host on different ports:
https://example.com/path1 -> 10.0.0.1:8081
https://example.com/path2 -> 10.0.0.1:8082
https://example.com/path3 -> 10.0.0.1:8083
Something like this did not work:
location /path1 {
proxy_pass http://10.0.0.1:8081;
}
location /path2 {
proxy_pass http://10.0.0.1:8082;
}
location /path3 {
proxy_pass http://10.0.0.1:8083;
}
Is this scenario possible?
EDIT:
This is the config right now on the nginx server
server {
server_name example.com;
listen [::]:443 ssl ipv6only=on;
listen 443 ssl;
ssl_certificate /some/path/fullchain.pem;
ssl_certificate_key /some/path/privkey.pem;
ssl_dhparam /some/path/ssl-dhparams.pem;
location /path1 {
proxy_pass http://10.0.0.1:8081;
}
location /path2 {
proxy_pass http://10.0.0.1:8082;
}
location /path3 {
proxy_pass http://10.0.0.1:8083;
}
}
server {
if ($host = example.com) {
return 301 https://$host$request_uri;
}
listen 80 default_server;
listen [::]:80 default_server;
server_name example.com;
return 404;
}
With this config the prefix path gets removed while loading the site.
https://example.com/path1/some/url -> https://example.com/some/url