Nginx Proxy to multiple ports from same location - nginx

I currently have this configuration
server {
listen 4000;
location / {
proxy_pass http://websocket;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Host $host;
proxy_redirect off;
}
upstream websocket {
server localhost:4444;
}
upstream websocket2 {
server localhost:4445;
}
With this configuration, all requests from localhost:4000 are being proxied to localhost:4444.
I don't want to proxy those request only to localhost:4444 but also to localhost:4445
localhost:4000 proxies requests to
localhost:4444
localhost:4445
Is it possible?

From the Nginx documentation here, you can declare an upstream with multiple servers. Then you can forward the traffic to this upstream and the traffic will be dispatched between servers. So just put your servers in 1 upstream websocket to archive what you want.
upstream websocket {
server localhost:4444;
server localhost:4445;
}
server {
listen 4000;
location / {
proxy_pass http://websocket;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Host $host;
proxy_redirect off;
}

Related

NGINX Problem with Configuring Websocket, no problem with SSE

i am working with NGINX configuration right now.
I am stuck at some strange point.
NGINX allow me to connect via SSE but not via Websocket.
This is my config:
server {
listen 80;
server_name _;
location / {
proxy_pass http://127.0.0.1:5000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
This is error from browser console via WEBSOCKET:
[2022-08-30T07:49:22.667Z] Error: Failed to start the transport 'WebSockets': Error: WebSocket failed to connect. The connection could not be found on the server, either the endpoint may not be a SignalR endpoint, the connection ID is not present on the server, or there is a proxy blocking WebSockets. If you have multiple servers check that sticky sessions are enabled.
This is WEBSOCKET: Browser Error
This is SSE: SSE
##EDIT:
This is section which fail:
try {
await this._startTransport(connectUrl, requestedTransferFormat);
this.connectionId = negotiate.connectionId;
return;
}
catch (ex) {
this._logger.log(LogLevel.Error, `Failed to start the transport '${endpoint.transport}': ${ex}`);
negotiate = undefined;
transportExceptions.push(new FailedToStartTransportError(`${endpoint.transport} failed: ${ex}`, HttpTransportType[endpoint.transport]));
if (this._connectionState !== "Connecting" /* Connecting */) {
const message = "Failed to select transport before stop() was called.";
this._logger.log(LogLevel.Debug, message);
return Promise.reject(new Error(message));
}
###UPDATE
I FOUND THE SOLUTION. MY ANSWER IS CORRECT ANSWER! :)
I am comming back with the solution.
It is easy.
First thing is:
You need to add in nginx.conf in http { } section this:
map $http_upgrade $connection_upgrade
{
default upgrade;
'' close;
}
and this is config:
server {
listen 50150;
server_name _;
location / {
proxy_pass http://127.0.0.1:5000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_cache off;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
and you are good to go!
[2022-08-30T10:30:48.900Z] Information: WebSocket connected to ws:~~/~hub?id=Zk-~~.
I hope someone will get use of it.
Best regards

Nginx Reverse Proxy - websocket config to make Fortigate CLI interface work properly

I am trying to get my fortigate router's web interface behind my reverse proxy, not to be accessible from the internet, but to use my LetsEncrypt cert on my internal network. This is the config I'm using:
upstream websockets {
server 192.168.1.99:443;
}
server {
listen 443 ssl;
allow 192.168.1.0/24;
deny all;
server_name f60e.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
location / {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Authorization "";
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Origin "";
proxy_pass_header X-XSRF-TOKEN;
proxy_pass https://192.168.1.99;
proxy_send_timeout 300;
proxy_read_timeout 300;
send_timeout 300;
client_max_body_size 1000m;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
location /websockets/ {
proxy_pass https://websockets;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
proxy_set_header Origin "";
}
}
Everything appears to work except for the "Edit in CLI" button. When I attempt to use it, the interface window comes up blank and after a few seconds it says "Connection lost" and I get this error in my browser console
GET https://f60e.walnuthomelab.com/favicon/site.webmanifest net::ERR_CONNECTION_TIMED_OUT
main.js:1
WebSocket connection to 'wss://f60e.walnuthomelab.com/ws/cli/open?cols=66&rows=34' failed:
createWebSocket # main.js:1

www in domain return timeout, after I add redirect using regex in nginx

I have nginx and I want to redirect non-www to www:
So I did it using regex, but the redirect seems to works I get the redirect, but www return timeout.
How can I solve this?
upstream wwwapp {
least_conn;
server www-app:3000 weight=10 max_fails=3 fail_timeout=30s;
}
server {
server_name ~^(?!www\.)(?<domain>.+)$;
return 301 $scheme://www.$domain$request_uri;
}
server {
listen 80;
location / {
proxy_pass http://wwwapp;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
Easy.
server {
listen 80;
if ($host ~ ^(?!www\.)(?<domain>.+)$) {
return 301 $scheme://www.$domain$request_uri;
}
location / {
proxy_pass http://wwwapp;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
Your second server block does not have a server_name so it is unlikely to get selected to process any requests.
The first server block is the default and will get selected even if the regex does not match.
You should change the second server block, and either add a server_name statement or make it the default_server.
See this document for details.

Seems like nginx proxy server doen't work

I'm newbie in linux and nginx hosting. I have a simple asp net core app that I need to run on https://localhost:5050. So I send a request on https://localhost and wait that nginx process it to :5050 port. But it doesn't..
I created \etc\nginx\sites-available\aspnetcore.conf with the following code
server {
listen 443;
location / {
proxy_pass https://localhost:5050;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
and a symbolinc link to /etc/nginx/sites-enabled/aspnetcore.conf.
Also I have in Startup.cs file
app.UseForwardedHeaders(new ForwardedHeadersOptions
{
ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto
});
So my app doesn't get any request. What am I doing wrong?
UPD:
The problem in https contact. I configured ssl as it describes here
https://www.digitalocean.com/community/tutorials/how-to-create-a-self-signed-ssl-certificate-for-nginx-on-debian-9
But still there are no requests...
upstream backend {
server localhost:5050;
}
server {
listen 443;
location / {
proxy_pass http://backend;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}

Why there are so many tcp connections between localhost and localhost when I use nginx proxy service

Why there are so many tcp connections between localhost and localhost when I use nginx proxy service.
this is my nginx proxy configuration:
server {
listen 80;
server_name www.domain1.com;
location /{
proxy_pass http://localhost:4999;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
server {
listen 80;
server_name www.domain2.com;
location /{
proxy_pass http://localhost:4999;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_connect_timeout 300s;
proxy_send_timeout 300s;
proxy_read_timeout 300s;
}
}
Nginx acts as a reverse proxy here, which establish client-proxy tcp connection and proxy-server tcp connection for one http request(http keep-alive will reuse tcp conn)
I guess the proxy-server connection will be closed after client-proxy is closed by client with configuration proxy_pass http://localhost:4999;
You can try the following configuration:
upstream backend {
server localhost:4999;
keepalive 10;
}
server {
listen 80;
server_name www.domain2.com;
location /{
proxy_pass http://backend;
}
}

Resources