nginx proxypass TCP 389 - nginx

We have one "OpenLDAP" server with port 389 currently active,using nginx we want to proxypass this TCP port 389 to TCP based ingress. can any one please share the nginx.conf detail for this.
So far, left with incomplete as per below,
upstream rtmp_servers {
server acme.example.com:389;
}
server {
listen 389;
server_name localhost:389;
proxy_pass rtmp_servers;
proxy_protocol on;
}
Getting an error, any recommendation is appreciated
2021/03/02 09:45:39 [emerg] 1#1: "proxy_pass" directive is not allowed
here in /etc/nginx/conf.d/nginx-auth-tunnel.conf:9 nginx: [emerg]
"proxy_pass" directive is not allowed here in
/etc/nginx/conf.d/nginx-auth-tunnel.conf:9

Your configuration should be in a stream block
You don't need server_name localhost:389;
You are including the configuration from /etc/nginx/conf.d folder which is included inside http block in main nginx.conf file. The stream block should be at the same level as http block. Check the /etc/nginx/nginx.conf for the include and maybe you have to add one for the stream section
This is a sample nginx.conf,
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf; #This include is your problem
}
stream {
upstream rtmp_servers {
server acme.example.com:389;
}
server {
listen 389;
proxy_pass rtmp_servers;
proxy_protocol on;
}
}

Related

nginx is not proxy passing to my nest app

I am trying to configure NGINX to serve my nest app(which is running on docker).
My app is listening on port 3000
The server is amazon linux 2(ec2-user)
The conf file looks like this:
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 4096;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
#include /etc/nginx/conf.d/nginx.conf;
server {
listen 80;
listen [::]:80;
server_name <ip.adress>;
#web
location / {
add_header X-yahav $uri; # this gets mounted
}
#api
location = /api { # this one is never approached
add_header X-yahav "Api-pass";
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header Host $http_host;
#proxy_pass http://127.0.0.1:3000/;
}
}
}
I want to redirect /api to my nest app but it just wont have it i'm getting a simple 404 without the header i'm attaching(as you can see in the conf file)
Another thing is when I go to the root (location /) I do get my header mounted as expected
Any have any idea what is wrong?
Don't forget to add "/api" to your requests, like http://your-server:80/api/

'connection reset by peer' for large response body by nginx mirror module

I want to copy requests to another backend with ngx_http_mirror_module.
This is my nginx.conf.
Nginx version is 1.19.10
worker_processes 1;
error_log logs/error.log info;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log logs/access.log main;
sendfile on;
keepalive_timeout 65;
server {
listen 8888;
server_name localhost;
location / {
proxy_pass http://127.0.0.1:8080;
mirror /mirror;
}
location /mirror {
internal;
proxy_pass http://127.0.0.1:18080$request_uri;
}
}
}
My Spring applications listen on 8080 and 18080.
The problem is that when the backend server which handles the mirrored request returns a large body response, the backend server throws ClientAbortException because of connection reset by peer.
Nothing is recorded in the nginx error log.
The nginx access log records status 200 for the mirrored request.
Problems tend to occur when the response size is 4k bytes or larger.
Increasing proxy_buffer_size may solve the problem, but if the response size is large (8k bytes or more?), Even if it is smaller than proxy_buffer_size, problems will occur.
I tried to change subrequest_output_buffer_size, but nothing changed.
How can I stop the error?

nginx: [emerg] "location" directive is not allowed here in /etc/nginx/nginx.conf:16

I'm new to NGINX and I'm trying to setup minimal working thing. So I trying to run https with nginx and supervisor (by this example). But I can't configure Nginx right and getting the following error:
Error Code: nginx: [emerg] "location" directive is not allowed here in /etc/nginx/nginx.conf:16 nginx: configuration file /etc/nginx/nginx.conf test failed .
GNU nano 2.0.9 File: /etc/nginx/nginx.conf
#user nginx;
worker_processes 1;
#error_log /var/log/nginx/error.log;
#error_log /var/log/nginx/error.log notice;
#error_log /var/log/nginx/error.log info;
#pid /var/run/nginx.pid;
include /etc/nginx/modules.conf.d/*.conf;
events {
worker_connections 1024;
}
location ~^/wp-json/ {
rewrite ^/wp-json/(.*?)$ /?rest_route=/$1 last;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#tcp_nodelay on;
#gzip on;
#gzip_disable "MSIE [1-6]\.(?!.*SV1)";
server_tokens off;
include /etc/nginx/conf.d/*.conf;
}
# override global parameters e.g. worker_rlimit_nofile
include /etc/nginx/*global_params;
It looks correct. server directive is in http as it should be. And http is parent directive. What I'm doing wrong?
Not quite sure what you mean by "server directive is in http" - I'll assume you're referring to what's in the files included from /etc/nginx/conf.d/*.conf.
Anyway, if you're trying to enhance the server directive in one of the included files, you'll have to do that there. If you'd like to define a new server, you'll need a block within http. And within that block, you'll add your location block.
http {
#...
server {
#...
location ~^/wp-json/ {
#...
rewrite ^/wp-json/(.*?)$ /?rest_route=/$1 last;
#...
}
#...
}
#...
}
If you're just getting started, maybe this is a good resource: http://nginx.org/en/docs/beginners_guide.html?

Nginx HLS Load balancer data traffic on primary server

My design is:
Media Server -> edge servers (Multiple Nginx Cache server -> Nginx Load Balancer)
it is my private CDN system (for Live content delivery)
I have content source and multiple edges; in each edge, there is multiple cache server and a Load Balancer
I started step by step, so for this job I face a problem with Nginx Load Balancer.
In this configuration, I am balancing between two servers s1 and s2.
but when I check traffic by(nload), I see big traffic on the primary server(load balancer) for example from nload see s1=1GBPS s2=1GBPS loadbalancer=2GBPS
note: my content is HLS (.m3u8)
user www-data;
worker_processes 5; ## Default: 1
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
worker_rlimit_nofile 8192;
events {
worker_connections 4096; ## Default: 1024
}
http {
include mime.types;
include /etc/nginx/proxy.conf;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] $status '
'"$request" $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
# upstream
upstream origins {
server s1.ip;
server s2.ip;
}
# default route
server {
listen 80;
server_name example.com;
access_log /var/log/nginx/example.com main;
location / {
proxy_set_header Host $host;
proxy_pass http://origins;
}
}
}

Nginx site can't be reached

I tried installing nginx with virtual hosting enabled with a single site currently hosted.
my nginx.conf
user nginxsite;
worker_processes 4;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
#server_names_hash_bucket_size 64;
}
I assume that the user nginxsite; is the useradd created for the root directory ownership. default of that is just nginx.
my virtual.conf inside /etc/nginx/conf.d/
server {
listen 80;
#listen *:80;
server_name www.nginxsite.domain.com *.nginxsite.domain.com;
#access_log /var/log/nginx/access.log
location / {
root /var/www/nginxsite.com/public_html/;
index index.html index.htm; }
}
The server name and ip has already been added in my hostfile
XX.XX.XX.XX www.nginxsite.domain.com
I'm pretty sure the issue lies in my conf files but I can't seem to point out where.
Checked the logs but there's nothing.
Please help.
Thanks so much!

Resources