Where am I wrong? I want to run keycloak 18.0.0 server with HTTP public ip using Nginx but the page is incompletely loaded.
My keycloak configuration:
Nginx:
# .NET Core
location /api/ {
proxy_pass http://localhost:5001;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /auth
{
proxy_pass http://localhost:8080/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Proto $scheme;
}
Obs.: I'm uploading the project from a zipped keycloak file.
You are using context path /auth. That was default context path for Keycloak until version 16.x. You need to configure context path explicitly for Keycloak 17+. Configure hostname-path + proxy pass to http://localhost:8080/auth/.
Doc: https://www.keycloak.org/server/all-config
Related
I'm using Nginx as a reverse proxy for my services.
I use the following config:
location = /order-service/hubs {
proxy_pass http://order-service/hubs;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-Proto $scheme;
# Configuration for WebSockets
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_cache_bypass $http_upgrade;
# Configuration for LongPolling or if your KeepAliveInterval is longer than 60 seconds
proxy_read_timeout 100s;
}
location /order-service/ {
proxy_pass http://order-service/;
proxy_http_version 1.1;
proxy_redirect off;
proxy_pass_request_headers on;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-Proto $scheme;
# Configuration for WebSockets
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_cache_bypass $http_upgrade;
auth_basic "Permitted Area";
auth_basic_user_file /etc/nginx/.htpasswd;
}
As you see the lower part requires basic authentication.
But if I want to establish a signalR connection to /order-service/hubs it also asks for authentication.
As I understand the documentation the location match with = stops if something matches, so why it asks for authentication?
I want to use Nginx create a gateway to receive requests and pass them along to a network of microservices.
What I need Nginx to do is just act as a proxy server, taking the requests, passing them along to whatever service, and returning the response without any changes.
This is my configuration for my local setup:
server {
listen 8080;
location /api/register/ {
proxy_pass http://micro_auth_backend:8082;
}
location /api/location/ {
proxy_pass http://localhost:8088;
}
}
It works correctly for GET requests, but when doing a POST call, the server will always receive a GET response.
I have tried adding some more configs inside the location, such as this example below, but so far nothing has worked:
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
Any suggestions would be appreciated.
Thank you
Just removed the trailing slash on location:
location /api/register {
proxy_pass http://micro_auth_backend:8082;
}
Now it works.
you can add this code to your nginx.conf file. It works for me.
location /api/register/ {
proxy_pass http://localhost:8082;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /api/location/ {
proxy_pass http://localhost:8088;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
Hello i would like to pass all of this config to apache2, i'am just not sure how to do it i actually need every line of nginx to apache2? if someone could spare two minutes to write.
server {
server_name app.my.com;
location / {
proxy_pass http://127.0.0.1:3001;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_cache_bypass $http_upgrade;
}
}
I am deploying multiple websites to an Ubuntu server equipped with Nginx. I also use the proxy_pass feature to pass the traffic to the service.
The problem is whichever websites is set on Nginx first, all incoming traffics are rerouted to.
I created 3 different .conf files in /etc/nginx/conf and here is the details for each:
subdomain1.conf
server {
listen <the second ip>:80;
server_name subdomain1.mydomain.com;
location / {
proxy_pass http://127.0.0.1:11111;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
subdomain2.conf
server {
listen <the second ip>:80;
server_name subdomain2.mydomain.com;
location / {
proxy_pass http://127.0.0.1:22222;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
subdomain3.conf
server {
listen <the second ip>:80;
server_name subdomain3.mydomain.com;
location / {
proxy_pass http://127.0.0.1:33333;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
Finally, I reload Nginx using the following command line:
sudo nginx -s reload
However, all incoming traffics for other subdomains (subdomain2 and subdomain3) are somehow passed to subdomain1. What I have noted so far is whichever set first, all incoming traffics are bound to it.
I have a nginx as a reverse proxy in a containerised application. I have an issues in which when I add proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; my deployment does not work.
here is the part of location block in my nginx.conf file.
location #app {
proxy_pass http://127.0.0.1:3000;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
proxy_set_header X-Real-IP $remote_addr;
}
but when i replace $proxy_add_x_forwarded_for with http_x_forwarded_for the deployment works but i am unable to pass the real client ip.
Can anyone please confirm if this is syntactically correct & we can add proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; after proxy_pass?
I can confirm that
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
is correct.
I have a running location block:
location / {
proxy_pass http://127.0.0.1:3333;
proxy_http_version 1.1;
proxy_cache_bypass $http_upgrade;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header x-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
}