Nginx wrongly routes to subdomain instead of "main" domain - nginx

I have a setup where Nginx acts as an entrance to some other services down the line. Specifically, there are multiple apps and a WordPress instance running in docker containers. My configuration looks like this:
server {
listen 80 default_server;
server_name domain.com;
location / {
resolver 127.0.0.11 valid=30s;
set $upstream_wp wordpress;
proxy_set_header Host $host;
proxy_pass http://$upstream_wp;
proxy_redirect off;
}
}
server {
listen 80;
server_name app1.domain.com;
location / {
resolver 127.0.0.11 valid=30s;
set $upstream_app1 app1;
proxy_set_header Host $host;
proxy_pass http://$upstream_app1;
proxy_redirect off;
}
}
What happens now is the following:
domain.com: gets routed to app1 (should be wordpress)
domain.com/anything: gets routed to wp (correct)
app1.domain.com: gets routed to app1 (correct)
app1.domain.com/anything: gets routed to app1 (correct)
I don't understand why the first one does get routed to the app. Any suggestions?

Related

Nginx - Redirect domain to localhost:port content

I installed Nginx on my server (my server uses WHM). And on this server has two accounts. Each account will run a server a NextJS site and each account has its own domain.
Site1 will run on port 3000
Site2 will run on port 3004
What I want to do is:
I want to access domain1 I see the content of my site1 in NextJS that runs on localhost:3000
And when I access domain2 I see the content of my site2 on NextJS running on localhost:3004
I tried to do a Nginx implementation for site1. But when I accessed it I saw a Cpanel screen, and the url was dominio1/cgi-sys/defaultwebpage.cgi
Here's the Nginx implementation I tried to do:
server {
listen 80;
server_name computadorsolidario.tec.br www.computadorsolidario.tec.br ;
location / {
proxy_pass http://localhost:3004;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
}
}
So how do I do this setting for nginx to have this behavior? And I'm changing the correct file?
Note: I created the configuration file in /etc/nginx/conf.d/users/domain1/domio1.conf And within /etc/nginx/conf.d/users have several configuration files with the name of the accounts you have on the server. (They are already implemented.)
Try
server {
listen 80;
server_name www.domain1.com;
proxy_pass http://127.0.0.1:3000;
}
server {
listen 80;
server_name www.domain2.com domain2.com;
proxy_pass http://127.0.0.1:3004;
}
Each domain listens on same port and reverse-proxies to local network on the ports you specify. To differentiate between hosts, specify the server_name field.
server {
listen 80;
server_name www.domain1.com;
location / {
proxy_pass http://127.0.0.1:3000;
}
}
server {
listen 80;
server_name www.domain2.com domain2.com;
location / {
proxy_pass http://127.0.0.1:3004;
}
}

Nginx: How to deploy front end & backend apps on same machine with same domain but different ports?

I have two apps one for frontend built using ReactJS and one is for backend built using FastAPI. I have server machine where I have deployed both the apps. Now I want to use Nginx (because of SSL) to host both my application on the same machine with same domain name but the ports are different. I know how to do it for different domains or subdomain but I don't have another domain/subdomain with me right now. So I want to aks how I can achive this in Nginx?
For example my FE is using port 5000 & BE is using 8000,I am able to configure Nginx to serve my FE but I am getting this error,
Blocked loading mixed active content
because my FE which is httpstrying to connect to backend on port 8000 which is not https.
Here is my nginx config file,
server {
listen 443 ssl;
ssl_certificate /opt/ssl/bundle.crt;
ssl_certificate_key /opt/ssl/custom.key;
# add here the ip address of your server
# or a domain pointing to that ip (like example.com or www.example.com)
server_name something-c11.main0.auto.qa.use1.mydomain.net;
keepalive_timeout 5;
client_max_body_size 100M;
access_log /opt/MY_FE/nginx-access.log;
error_log /opt/MY_FE/nginx-error.log;
# checks for static file, if not found proxy to app
location / {
try_files $uri #proxy_to_app;
}
location #proxy_to_app {
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_pass http://localhost:5000;
proxy_redirect off;
}
}
server {
if ($host = something-c11.main0.auto.qa.use1.mydomain.nett) {
return 301 https://$host$request_uri;
}
listen 80;
server_name something-c11.main0.auto.qa.use1.mydomain.net;
return 404;
}
Any help would be appreciated....

location "/app" cannot be inside the named location

I want to configure a nginx reverse-proxy server to redirect requests to different servers depending on :
the endpoint
whether it is a plain web request or a websocket upgrade request
I know I can use locations to manage the first point, and named locations to manage the second point, but how can I do both?
server {
listen 80 default_server;
listen [::]:80 default_server;
location /app {
location #web {
proxy_pass http://127.0.0.1:9080/app;
}
location #ws {
proxy_pass http://127.0.0.1:9081;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
}
}
}
I get the error message location "/app" cannot be inside the named location "#web"
What am I supposed to do to managed that kind of mixed trafic

NGINX not routing calls from react app to backend app

I have an AWS Ubuntu server that hosts a react front end running at 127.0.0.1:4100 and makes api calls to a Go app using port 127.0.0.1:1323. I installed Nginx and setup proxy pass for these two ports in /etc/nginx/sites-available/default config file but I only get the front end getting called by Nginx. Using chrome inspect to check why the Go app is not serving some of the functionalities from the react app, I see this error
client.js:772 GET http://127.0.0.1:1323/api/ net::ERR_CONNECTION_REFUSED
ERROR Error: Request has been terminated Possible causes: the network is offline, Origin is not allowed by Access-Control-Allow-Origin, the page is being unloaded, etc.
What am I doing wrong? Below is my default config file
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
location / {
proxy_pass http://127.0.0.1:4100;
}
location /api {
proxy_pass http://127.0.0.1:1323/;
}
}
Your server is listening to port 80:
listen 80 default_server;
listen [::]:80 default_server;
So, you should make your request to that port:
GET http://127.0.0.1/api/ => http://127.0.0.1:1323/
GET http://127.0.0.1:80/api/ => http://127.0.0.1:1323/
GET http://127.0.0.1/ => http://127.0.0.1:4100/
GET http://127.0.0.1:80/ => http://127.0.0.1:4100/
Then nginx should correctly proxy your requests.
Update
To be more clear about nginx config.
server {
listen 80 default_server; // The port nginx is listening to ipv4
listen [::]:80 default_server; // The port nginx is listening to ipv6
server_name _;
location / { // When you call this location...
proxy_pass http://127.0.0.1:4100; // You'll be redirected to this location
}
location /api { // When you call this location...
proxy_pass http://127.0.0.1:1323/; // You'll be redirected to this location
}
}
Your configuration is okay according to nginx docs.
You said your client is trying to reach http://127.0.0.1:1323/api/ but It should be requesting http://127.0.0.1/api/ (whitout the port) to be redirected to http://127.0.0.1:1323/.
Here's another example:
server {
listen 80;
server_name localhost anywebsite.com;
location ~* ^/MyApp {
proxy_pass http://localhost:5130;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_send_timeout 2m;
proxy_read_timeout 2m;
}
}
In this case, everytime my url ends with /MyApp ex.: http://anywebsite.com/api/MyApp I'm being proxyed to http://localhost:5130. But if I try to access http://localhost:5130 or http://anywebsite.com:5130/api/MyApp I won't be able because nginx is listening to port 80 only. If you want to access another port you need to specify like this:
server {
listen 80;
listen 5130;
[...]

nGinx load balancing not working

I've been trying to wrap my head around load balancing over the past few days and have hit somewhat of a snag. I thought that I'd set up everything correctly, but it would appear that I'm getting almost all of my traffic through my primary server still, while the weights I've set should be sending 1:10 to primary.
My current load balancer config:
upstream backend {
least_conn;
server 192.168.x.xx weight=10 max_fails=3 fail_timeout=5s;
server 192.168.x.xy weight=1 max_fails=3 fail_timeout=10s;
}
server {
listen 80;
server_name somesite.somesub.org www.somesite.somesub.org;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host somesite.somesub.org;
proxy_pass http://backend$request_uri;
}
}
server {
listen 443;
server_name somesite.somesub.org www.somesite.somesub.org;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host somesite.somesub.org;
proxy_pass http://backend$request_uri;
}
}
And my current site config is as follows:
server {
listen 192.168.x.xx:80;
server_name somesite.somesub.org;
index index.php index.html;
root /var/www/somesite.somesub.org/html;
access_log /var/www/somesite.somesub.org/logs/access.log;
error_log /var/www/somesite.somesub.org/logs/error.log;
include snippets/php.conf;
include snippets/security.conf;
location / {
#return 301 https://$server_name$request_uri;
}
}
server {
listen 192.168.x.xx:443 ssl http2;
server_name somesite.somesub.org;
index index.php index.html;
root /var/www/somesite.somesub.org/html;
access_log /var/www/somesite.somesub.org/logs/access.log;
error_log /var/www/somesite.somesub.org/logs/error.log;
include snippets/php.conf;
include snippets/security.conf;
include snippets/self-signed-somesite.somesub.org.conf;
}
~
And the other configuration is exactly the same, aside from a different IP address.
A small detail that may or may not matter: One of the nodes is hosted on the same machine of the load balancer - not sure if that matters.
Both machines have correct firewall config, and can be accessed separately.
No error logs are showing anything of use.
The only possible thing I could think of is that the nginx site config is being served before the load balancer; and I'm not sure how to fix that.
With another look at the configuration and realized I could have just as easily had the site config that's on the load balancer listen on 127.0.0.1 and relist that among my available servers in the load balancer.
nGinx config for site on load balancer listening on localhost:80/443 solved this issue.

Resources