prestashop under docker with reverse proxy URL subfolder problem - nginx

i need some help with my configuration.
I followed the example already listed here => Deploy existing Prestashop to server using Docker
In order to build a prestashop using docker. The problem is that i have in my server a revers proxy configured like this :
server {
listen 80;
listen 443 ssl http2;
server_name example1.test;
# Path for SSL config/key/certificate
ssl_certificate /etc/ssl/certs/nginx/example1.test/example1.crt;
ssl_certificate_key /etc/ssl/certs/nginx/example1.test/example1.key;
include /etc/nginx/includes/ssl.conf;
location /shop {
include /etc/nginx/includes/proxy.conf;
proxy_pass http://x.x.x.x:9001;
}
access_log off;
error_log /var/log/nginx/error.log error;
}
Options "proxy.conf" that i'm including are :
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering off;
proxy_request_buffering off;
proxy_http_version 1.1;
proxy_intercept_errors on;
to be simple when i access "example1.test/shop" prestashop is redirecting me to the root as it doesn't know the /shop path so im getting 404 error because reverse proxy dont know / too.
example1.test/shop in the browser => redirect to example1.test/ which is not defined in the reverse proxy
i tried all things on internet to configure prestashop in order to recognize the /shop and redirection follow /shop/... but nothing works/
I think configuring prestashop is illogic as it is installed on the / of the docker container. I must change somthing in my reverse proxy to fix it like rewreting response from prestashop container to /shop or something like that.
Any ideas please ?

Related

Can't get Pocketbase running behind Ngnix as a reverse proxy

I want to use Pocketbase behind Ngnix as a reverse proxy on my Ubuntu-VPS. I followed the documentation on https://pocketbase.io/docs/going-to-production/.
I wanted to put pocketbase to /api/. When i try to connect to the pocketbase admin panel the browser shows some 404 and a ContentSecurityPolicy Error. It looks like this:
It also seems to be that some HTML is loaded from Pocketbase.
This is my current ngnix config (i replaced my domain with test.com)
server {
listen 80;
listen 443 ssl;
server_name test.com;
ssl_certificate /etc/letsencrypt/live/test.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/test.com/privkey.pem;
location / {
try_files $uri $uri/ /index.html;
root /var/www/html;
index index.html;
}
location /api/ {
# check http://nginx.org/en/docs/http/ngx_http_upstream_module.html#keepalive
proxy_set_header Connection '';
proxy_http_version 1.1;
proxy_read_timeout 360s;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://127.0.0.1:8090;
}
}
Pocketbase is started with the default localhost settings on the VPS.
I can even access pocketbase over http://127.0.0.1:8090/api/ when i'm connected via SSH in VS Code and see the requests in the log. (i am surprised that this is even possible. At first i tought i had pocketbase running on my local machine but when i killed the backend on my vps i couldn't access it anymore)
I hope that somebody can help me out as i can't find much about this in the internet.
Problem solved. It works when append a / to the address at the proxy_pass directive
proxy_pass http://127.0.0.1:8090/;

Setting up reverse proxy for organizr (nginx) on docker

I have tried a lot of searching and trial and errors to set up reverse proxy for organizr but it seems to not work. need help from you experts.
My Setup: All on Dockers
nginx: docker instance setup to serve my multiple domains using wordpress.
organizr: separate docker instance for my media. The config files are in separate folder. I can access this locally without any issues. I intend to put this behind one of my domains as a subdomain ex. organizr.domain.com.
with below config, I always get upstream timed out (110: Connection timed out). I have followed many tutorials but may have mixed up the config now. I would appreciate if someone could help with clear instructions to set this up.
conf file in nginx's folder
# Organizr Subdomain
upstream organizr_backend {
server 192.168.X.X:9999;
}
server {
listen 443 ssl http2;
server_name organizr.domain.co.uk;
ssl_certificate /etc/letsencrypt/live/domain.co.uk/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/domain.co.uk/privkey.pem;
ssl_prefer_server_ciphers on;
error_log /var/log/nginx/organizr.domain.co.uk.error.log error;
access_log /var/log/nginx/organizr.domain.co.uk.access.log main;
location / {
proxy_pass http://organizr_backend;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
Searched google for many combinations, but i am unable to get the desired results.

Nginx Sub domain setup

I'm trying to setup Nginx so I can have sub domains like
www.MySite.com - Main website (Works correctly)
jenkins.MySite.com - sub domain for Jenkins
gitlab.MySite.com - sub domain for Gitlab
I've tried following various tutorials and I seem to have included everything required to make this work, but still to no avail.
I've followed this: https://www.digitalocean.com/community/tutorials/how-to-configure-nginx-with-ssl-as-a-reverse-proxy-for-jenkins
and various other sources online.
[Nginx Server Block]
I've edited my nginx.conf file, I've created a new nginx/sites-available conf file for Jenkins and symlinked it to sites-enabled.
This is my default jenkins JENKINS_ARGS
JENKINS_ARGS="--webroot=/var/cache/jenkins/war --httpListenAddress=127.0.0.1 --httpPort=$HTTP_PORT -ajp13Port=$AJP_PORT"
This is an example of my jenkins server block in nginx
server
{
listen 80;
return 301 https://$host$request_uri;
}
server
{
listen 443;
server_name jenkins.MySite.com;
#ssl_certificate /etc/nginx/cert.crt;
#ssl_certificate_key /etc/nginx/cert.key;
#ssl on;
#ssl_session_cache builtin:1000 shared:SSL:10m;
#ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
#ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
#ssl_prefer_server_ciphers on;
access_log /var/log/nginx/jenkins/access.log;
location /
{
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Fix the “It appears that your reverse proxy set up is broken" error.
proxy_pass http://127.0.0.1:8080;
proxy_read_timeout 90;
proxy_redirect http://127.0.0.1:8080 https://jenkins.MySite.com;
}
}
I've also created an A record in DigitalOcean - Network
and also a CNAME
Much help would be appreciated.
Thanks
All these 3-setups need separate ngnix config files and supervirosor files as you did for main site. make soft link of those files and put them in respective etc/nginx/sites-avai and sites-enable and also soft link the supervisor files to etc/supervisor/conf.d
To check whether the nginx file is properly configured, you need to test it.
sudo nginx -t

WSO2 APIM: Subdomains for different contexts

We have the WSO2 API Manager 1.10.0 deployed and working. Although we are trying to figure out if it is possible to have multiple subdomains for it.
For example:
store.domain.com
publisher.domain.com
carbon.domain.com
Is this at all possible? We've seen this https://docs.wso2.com/display/Carbon442/Adding+a+Custom+Proxy+Path, but this is for different applications, we want to do this only with the API Manager.
In front of the API Manager, we are using nginx with reverse proxy. Below, you can find a snippet from nginx to help while understanding the problem.
server {
listen 80;
server_name store.domain.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
ssl on;
ssl_ciphers "ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH";#:AES128+EDH";
ssl_protocols TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security "max-age=63072000";
server_name store.domain.com;
ssl_certificate /etc/nginx/ssl/domain.com/self-ssl.crt;
ssl_certificate_key /etc/nginx/ssl/domain.com/self-ssl.key;
access_log /var/log/nginx/store.log;
underscores_in_headers on;
location / {
proxy_pass http://wso2server:9443/store/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
When attempting to access with HTTP (for the store context) all works fine, but as soon as we switch this over to HTTPS this fails with the following error in nginx upstream prematurely closed connection while reading response header from upstream however, we see nothing in API Manager logs.
Thanks in advance!
Best Regards
You can solve your issue by one of following methods.
Adding proxy_redirect configs to Nginx. So nginx will rewrite all the URLs to proper URL. Please refer the following config segment.
proxy_redirect http://wso2server/ http://store.domain.com/;
Also you can achieve the same by adding reverse proxy configurations in API Manager store. To do this Open "repository/deployment/server/jaggeryapps/store/site/conf/site.json" and see the following config section
"reverseProxy" : {
"enabled" : false, // values true , false , "auto" - will look for X-Forwarded-* headers
"host" : "sample.proxydomain.com", // If reverse proxy do not have a domain name use IP
"context":"",
//"regContext":"" // Use only if different path is used for registry
},

nginx subdomain to directory , too many redirect , why?

this is my config:
server {
listen 80;
server_name ~^(?<sb>.+)\.a\.b\.c\.com$;
access_log /data/logs/nginx/tas.access.log main;
location / {
proxy_intercept_errors on;
proxy_pass http://b.c/a/$sb/;
proxy_set_header Host $host;
proxy_redirect off;
}
}
and browser report to many redirects.
If, as you say, you want to proxy to localhost:8082, you need to say so in the proxy_pass line:
server {
listen 80;
server_name ~^(?<sb>.+)\.a\.b\.c\.com$;
access_log /data/logs/nginx/tas.access.log main;
location / {
proxy_intercept_errors on;
proxy_pass http://localhost:8082/a/$sb/;
proxy_set_header Host $host;
proxy_redirect off;
}
}
Without all of the information, it's hard to guess what's going on. Based on the comments, my guess is that you are using virtual hosting so that the upstream site is also served by the same nginx. So this line is the problem:
proxy_set_header Host $host;
The nginx variable $host is pointing to the current Host header (which matches the server_name). So if you set the same host header for the upstream again, then nginx will find the same location block above because nginx relies on the Host header to find the proper server. Thus the redirect loop.
Set
proxy_set_header Host your_upstream_server_name
will fix it then.

Resources