I'm serving 2 docker containers on a LAN network, a cloud server on port 5234 and a flask application other on 8080.
I'm trying to use nginx as a reverse proxy to run them both on the same ip with different extensions. My config:
server {
listen 80 default_server;
server_name 192.168.1.23;
location /web {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
access_log /var/log/nginx/flaskapp.access.log;
error_log /var/log/nginx/flaskapp.error.log;
}
location /cloud {
proxy_pass http://127.0.0.1:5234;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
access_log /var/log/nginx/nextcloud.access.log;
error_log /var/log/nginx/nextcloud.error.log;
}
}
but I'm getting a 502 Bad Gateway when accessing 192.168.1.23/web or 192.168.1.23/cloud.
In flaskapp.error.log:
connect() failed (111: Connection refused) while connecting to upstream, client: 192.168.1.72, server: 192.168.1.23, request: "GET /web HTTP/1.1", upstream: "http://127.0.0.1:8080/", host: "192.168.1.23"
In nextcloud.error.log:
recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 192.168.1.72, server: 192.168.1.23, request: "GET /cloud HTTP/1.1", upstream: "http://127.0.0.1:5234/cloud", host: "192.168.1.23"
Is there a way to run multiple web applications on the same ip like this or using different ports?
0.0.0.0 is not a valid IP Address. Try 127.0.0.1 which refers to the local host.
like this:
proxy_pass http://127.0.0.1:8080;
Related
I have an Angular SPA that I am trying to serve on a private network via IP.
I have this configuration in nginx
server {
listen 80 default_server;
root /var/www/report;
try_files $uri $uri/ index.html?$args
server_name _;
location /reportapi {
rewrite /reportapi/(.*) /$1 break;
proxy_pass http://127.0.0.1:5000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
When I navigate to the root URL say 192.168.10.10 the SPA is served correctly and navigation within it is fine. If I refresh a page or try to navigate directly to a specific URL say 192.168.10.10/scantests i get a 500 error.
The error log says
[error] 67305#67305: *2060 rewrite or internal redirection cycle while internally redirecting to "_", client: 192.168.10.77, server: , request: "GET /scantests HTTP/1.1", host: "192.168.10.10"
If I change the server_name to the IP address it has the same error but the IP address in the quotes not _. How do I setup the redirect to work correctly?
This is my NGINX config:
upstream app {
server 127.0.0.1:3000;
}
upstream websockets {
server 127.0.0.1:3001;
}
server {
listen 80 default_server deferred;
root /home/malcom/dev/scrutiny/public;
server_name localhost 127.0.0.1;
try_files $uri #app;
location #app {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://app;
}
location /cable {
proxy_pass http://websockets/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
}
}
"app" is a puma server serving a Rails app, and "websockets" points to an anycable-go process as the backend for CableReady.
The Rails app is working fine, apart from the websockets.
The browser says:
WebSocket connection to 'ws://127.0.0.1/cable' failed:
And the NGINX error_log the following:
2021/07/14 13:47:59 [error] 16057#16057: *14 connect() failed (111: Connection refused) while connecting to upstream, client: 127.0.0.1, server: localhost, request: "GET /cable HTTP/1.1", upstream: "http://127.0.0.1:3001/", host: "127.0.0.1"
The websocket setup per se is working, since everything's fine if I point the ActionCable config directly to 127.0.0.1:3001. It's trying to pass it through NGINX that's giving me headaches.
All the documentation and advice I've found so far makes me believe that this config should do the trick, but it's really not.
Thanks in advance!
So the problem seemed to be the trailing slash in
proxy_pass http://websockets/;
Looks like it's working now.
Here's my issue: The socket.io handshake gets a 404.
I have an nginx reverse-proxy configuration that looks like that:
location /socket.io/ {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_pass "http://localhost:3000";
}
The weird thing is that, if I go to this url I get an answer
http://ipofmyserver:3000/socket.io/?EIO=3etc...
But the logs tell me that the requests are proxyied to this exact address...
Connection refused while connecting to upstream, client: [...], server: [...], request: "GET /socket.io/?EIO=3&transport=polling&t=N4DgMW5 HTTP/2.0", upstream: "http://[...]:3000/socket.io/?EIO=3&transport=polling&t=N4DgMW5", host: "[...]", referrer: "[...]"
So the upstream is exactly the address where I test manually, but it returns 404 when it goes through nginx...
Thanks anyone for answering this !
I've configured a reverse proxy, and while the http loads, the css/images of the login page don't load. It is trying to load them from the localhost and not the upstream server
I've tried multiple proxy_redirects and rewrites (although I'm fairly new at this) and can't seem to get it working.
server {
listen 80;
location /test {
proxy_pass https://10.10.10.10/platform/login;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_redirect https://10.10.10.10/ /;
}
}
Log error:
[error] 26072#0: *127 open() "/usr/share/nginx/html/platform/images/leaves.png" failed (2: No such file or directory), client: 127.0.0.1, server: , request: "GET /platform/images/leaves.png HTTP/1.1", host: "localhost", referrer: "http://localhost/test"
When I inspect element on chrome it returns 404's for all css/images as well.
Please Help
Your website's HTML is trying to access a url that is not /test/** but /platform/images/leaves.png this means that NGINX won't try to use the reverse proxy.
This part of your NGINX configuration is not getting used at all for anything but /test/**, and NGINX is searching on the local disk of the webserver for the files, which do not exist.
try using a config which captures all scopes instead of just /test.
server {
listen 80;
location /platform {
proxy_pass https://10.10.10.10/platform/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_redirect https://10.10.10.10/ /;
}
}
your website should be visible from http://{NGINX server}/platform/login
this will change your end-point's url so you could add an exception for /test to make http://{NGINX server}/test work aswell.
server {
listen 80;
location /platform {
proxy_pass https://10.10.10.10/platform/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_redirect https://10.10.10.10/ /;
}
location /test {
proxy_pass https://10.10.10.10/platform/login;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_redirect https://10.10.10.10/ /;
}
}
You could also edit your HTML page and proxy_pass /test/** to https://10.10.10.10/platform/
your problem is further explained in Nginx defaults to /usr/share/nginx/html
We recently upgraded from Gitlab 7.14.0 to Gitlab 8.2.1 on a 16GB/8cpu VM at DigitalOcean. We have one Merge Request with 55 comments that simply won't load in the browser. All other merge_requests load fine. We get the following error from NGINX:
2015/12/02 14:49:02 [error] 9094#0: *62 upstream timed out (110: Connection timed out) while reading response header from upstream, client: x.x.x.x, server: gitlab.domain.com, request: "GET /group/project/merge_requests/854 HTTP/1.1", upstream: "http://unix:/home/git/gitlab/tmp/sockets/gitlab.socket/group/project/merge_requests/900", host: "gitlab.domain.com"
In config/unicorn.rb we have set timeout 1200 (up from an original 30, then tried 300 and 600). 600 was working well with Gitlab 7.14.0. We have worker_processes 12 also set in config/unicorn.rb.
Gitlab 8.2.1 uses gitlab-workhorse, but I'm not familiar enough with gitlab-workhorse to know if there are settings for it.
Our workhorse settings in Nginx:
upstream gitlab {
server unix:/home/git/gitlab/tmp/sockets/gitlab.socket fail_timeout=0;
}
upstream gitlab-workhorse {
server unix:/home/git/gitlab/tmp/sockets/gitlab-workhorse.socket fail_timeout=0;
}
location #gitlab-workhorse {
client_max_body_size 0;
gzip off;
proxy_read_timeout 600;
proxy_connect_timeout 600;
proxy_redirect off;
proxy_buffering off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://gitlab-workhorse;
}
Output from free:
total used free shared buffers cached
Mem: 16433928 11946992 4486936 119052 236972 8130620
-/+ buffers/cache: 3579400 12854528
We've restarted Gitlab with service gitlab restart in the hopes there was a hungry resource, but we saw no difference.
Any suggestions on how we figure out what is going on and fix this issue?