Redirect /openvas/ to OpenVAS Scanner with NGINX - nginx

I'm trying to make my OpenVAS Scanner available via path in nginx.
So I tried
location /openvas/ {
proxy_pass http://127.0.0.1:8080/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;}
thats not working, it gives a blank page
When I change it to root
location / {
proxy_pass http://127.0.0.1:8080/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme; }
its working
when checking nginx logfiles it seems it gets the first page, but not the other files requested
"GET /openvas/ HTTP/2.0" 200
"GET /config.js HTTP/2.0" 404

I have checked the docker container image and just proxying the traffic trough NGINX will not work. You have to set the Public Hostname for your OpenVAS instance as well to tell OpenVAS how to server static files and build directories in the frontend.
I have found this on docker hub.
docker run -d -p 443:443 -e PUBLIC_HOSTNAME=myopenvas.example.org --name openvas mikesplain/openvas
In your case you should set the PUBLIC_HOSTNAME to example.com/openvas/. This will tell OpenVAS public domain used to access the application.
Your NGINX configuration will be
location /openvas/ {
proxy_pass http://127.0.0.1:8080/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}

Related

Nginx reverse proxy not working for location /dashboard

I have following nginx reverse proxy configuration:
location / {
proxy_pass http://localhost:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /application {
proxy_pass https://my.url:9443/application;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /dashboard {
proxy_pass http://localhost:3001;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
my location "/" got proxied to my npm dev server, which is working great.
my location "/aplication" got proxied to my application I publish, which is working great, too!
so why does my location "/dashboard" does not work, when proxied to my other npm dev server, which listens on port 3001? What makes my concerns even stronger is the fact, that when I change the port from my default location "/" to 3001, my react app is getting accessed.
my output from sudo netstat -lntp:
tcp 0 0 0.0.0.0:3001 0.0.0.0:* LISTEN 3677/node

How do I correctly define rewrite rule?

I have a docker with a lizmap that respond in local to the address http://192.168.1.85:8090
I have a nginx that proxy https://geoservizi.pippoepluto.net/ to previous internal url.
I would like to modify https://geoservizi.pippoepluto.net/ -> https://geoservizi.pippoepluto.net/webgis and proxy always to http://192.168.1.85:8090
The problem is that I have to add /webgis/ to all urls to local machine and I do not find the way...
Thanks in advance..
My vhost block:
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://192.168.1.85:8090;
}

Configuring nginx to map pgadmin to a URI

I have an nginx and a pgadmin Docker container connected to each other. Only nginx container is exposed to the outside. How can I map pgadmin to a sub URI?
If the host is example.com, I want the pgadmin to be reachable at example.com/pgadmin/. So far, I have this in my nginx.conf file:
location ^~ /pgadmin/ {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://pgadmin:80/;
}
A request to example.com/pgadmin/ goes through to pgadmin but when pgadmin redirects to the login page, it redirects to example.com/login?next=%2F, not to example.com/pgadmin/login?next=%2F.
How can I make pgadmin to work at example.com/pgadmin?
I understand that you want to map http://pgadmin:80/ to http://example.com/pgadmin/.
Add the below entry in your hosts file to map pgadmin to example.com
pgadmin example.com
Now to map the :80 to /pgadmin, add the following in your nginx.conf :
location /pgadmin {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://pgadmin:80/;
}

Reverse proxy configuration for keycloak (Nginx)

I have a spring boot application (with keycloak adapter) running on port 8000 and keycloak running on 8080
I have edited my /etc/hosts file to route requests coming on my test-domain (foo.bar.com) to route to 127.0.0.1
I am not interested in SSL as of now.
My sample nginx configuration:
server {
listen 80;
server_name foo.bar.com;
location /myapp {
proxy_set_header Host $host/myapp;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Port 80;
proxy_set_header X-Forwarded-Proto http;
proxy_pass http://localhost:8000/;
}
location /auth {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://localhost:8080;
}
}
Question:
Will this sample nginx conf be sufficient? I had some infinite redirects happening. Logs from keycloak adapter in my spring application say:
No State Cookie
If I do not use proxy server and instead configure the app and keycloak talk directly to each other it works. I wonder why proxy server is creating issues.
Did you configure Keycloak so that it knows it's behind a proxy?
E.g. for docker it's the option -e PROXY_ADDRESS_FORWARDING=true

nginx and docker: route all requests from each service properly

I have several services running in docker (using docker-compose), each in its own container.
I am using nginx as the proxy server.
partial nginx.conf:
upstream a_servers {
server a:8080;
}
upstream b_servers {
server b:8080;
}
server {
location / {
proxy_pass http://a_servers/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
location /b {
proxy_pass http://b_servers;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
}
Problem:
These two services both need to load their own /js/build.js file. However, when service b makes a request for /js/build.js, nginx routes it to the first option and makes a request for the build.js from service a instead.
Is there a way to prepend /b to all requests coming from service b? Also, what is the name for what I'm trying to do?

Resources