nginx Reverse Proxy with 2 servers - nginx

So i've came across a cool project and i wanted to recreate it. It is my first time using nginx and also my first time learning things about a reverse proxy. I've currently have a reverse proxy running and it works (I guess). But the Proxy currently only works with other ports. I have 3 servers that are running nginx. I use one of them as my reverse proxy. I can access the other servers with different ports. See here (reverse-proxy.conf):
server {
listen 80;
root /var/www/html;
server_name localhost;
location / {
proxy_pass http://192.168.2.20;
}
}
server {
listen 8080;
root /var/www/html;
server_name localhost;
location / {
proxy_pass http://192.168.2.30;
}
}
Are there a way to use the reverse proxy without using different ports? Or is my solution ok? At the end i just need a reverse proxy that is able to communicate with 2 other servers.

So one thing here people use reverse proxy in a different ways
But most generic usecase is redirect using location.
Please find the below example.
server {
listen 80;
root /var/www/html;
server_name localhost;
location /a {
proxy_pass http://192.168.2.20;
}
location /b {
proxy_pass http://192.168.3.20;
}
}
Another is giving weight to each proxy.
Please find the below example
stream {
upstream stream_backend {
server http://192.168.2.20 weight=75;
server http://192.168.3.20 weight=25;
}
server {
listen 80;
root /var/www/html;
server_name localhost;
location / {
proxy_pass stream_backend;
}
}
In above 192.168.2.20 will receive 75% of the load and 192.168.3.20 will receive 25% of the load. In case if you want to distribute the equal load to both(or round-robin method) Please remove the weight.

I think you may not understand how Nginx work about proxy.
Nginx can reverse Proxy L7 http or L4 stream
and you set the proxy listen on any port or URL you want and proxy to any server or port or URL you want.
server {
listen 80;
root /var/www/html;
server_name localhost;
location / {
proxy_pass http://192.168.2.20:2323/URL;
}
}
server {
listen 8080;
root /var/www/html;
server_name localhost;
location / {
proxy_pass unix:/tmp/backend.socket;
}
}
Here is a reference for you about the proxy_pass directive.
proxy_pass

Related

trying to log ip via nginx reverse proxy

I have Nginx serving a node.js and react application that communicate with each other. I deployed to my cloud with pm2.
I am storing IPs that are connecting and instead of the client's IP, I get the client fwd'd proxy ::ffff:127.0.0.1
My nginx conf:
upstream loadbalancer {
least_conn;
server 127.0.0.1:3500;
server 127.0.0.1:3501;
}
server {
index index.html index.htm index.nginx-debian.html;
server_name site.co www.site.co;
listen 80;
listen [::]:80;
# react app & front-end files
location / {
root /var/www/html/client/build;
try_files $uri /index.html;
}
location /api/ {
proxy_pass http://loadbalancer/;
proxy_buffering on;
}
}
What am I missing here?

Change port for http to https -- Nginx

Sorry for limited understanding on Nginx, Iam new to Nginx.
I have a webapp running on React and Nginx. Recently I received the SSL certificates for my website. I tried to configure the website and it worked partially. The problem is when I tried to open "https://example.com", the SSL certificates are visible here but its showing nginx default home page. While when I open "http://example.com" it shows all the webcontent.
I attempted to:
change the port from 80 to 443
Reinstall nginx.
But nothing seems to work. Here is my nginx confs at the moment:
/etc/nginx/sites-available/example.org
server {
listen 443;
listen [::]:443;
ssl on;
ssl_certificate /etc/nginx/ssl/bundle.cer;
ssl_certificate_key /etc/nginx/ssl/example.key
root /var/www/html;
server_name example.org;
location / {
try_files $uri $uri/ =404;
}
}
server {
listen 80;
listen [::]:80;
server_name _;
return 301 https://example.org;
}
/etc/nginx/conf.d/www/example.org.conf
server {
listen 80 default_server;
server www.example.org;
location / {
root /usr/share/nginx/html;
index index.htm; index.html;
}
}
Note: I reload nginx at every new attempt.
Please help where am I going wrong.
Keeping just 1 file for config works for the above problem. I kept the "default" conf at "/etc/nginx/sites-available"

How to create reverse proxy for multiple websites in nginx

I have many different technologies serving APIs and sites on my local machine. I want to be able to see them via human-readable names, rather than ports.
For example, I have:
localhost:8000 => laravel api for user panel
localhost:8001 => laravel api for admin panel
localhost:3000 => react client for user panel
localhost:3001 => nextjs client for site
localhost:3002 => react client for admin panel
And this list goes on.
Remembering all these ports is not possible of course. Thus I thought to setup a reverse proxy for them:
api.user.example.local
api.admin.example.local
example.local
user.example.local
admin.example.local
I know I have to add these host headers to /etc/hosts file. I also read about how to configure nginx as a reverse proxy for one domain.
I don't know how to do it for many sites. And only as a reverse proxy, not as a server.
Please note: I'm not considering myself as really super nginx expert, just starting to learn nginx, but I think I can help you with this task.
Here is my approach:
First, make sure your default nginx config (usually /etc/nginx/nginx.conf) has line include /etc/nginx/conf.d/*.conf; in its http block, so you may specify internal servers in separate config files for ease of use.
Create additional config file /etc/nginx/conf.d/local_domains.conf and add following server blocks in it:
server {
listen 80;
server_name api.user.example.local;
location / {
set $target http://localhost:8000;
proxy_pass $target;
}
}
server {
listen 80;
server_name api.admin.example.local;
location / {
set $target http://localhost:8001;
proxy_pass $target;
}
}
server {
listen 80;
server_name example.local;
location / {
set $target http://localhost:3000;
proxy_pass $target;
}
}
server {
listen 80;
server_name user.example.local;
location / {
set $target http://localhost:3001;
proxy_pass $target;
}
}
server {
listen 80;
server_name admin.example.local;
location / {
set $target http://localhost:3002;
proxy_pass $target;
}
}
On the client machine, add these records to the hosts file
192.168.1.1 api.user.example.local
192.168.1.1 api.admin.example.local
192.168.1.1 example.local
192.168.1.1 user.example.local
192.168.1.1 admin.example.local
Where 192.168.1.1 is the address of your nginx server.
That's it, it should work if your internal servers are using HTTP protocol.
But if you need to use HTTPS for internal servers and for the main nginx server, modify each server block as follows:
server {
listen 443 ssl http2;
server_name api.user.example.local;
ssl_certificate /usr/local/share/ca-certificates/example.local.crt;
ssl_certificate_key /usr/local/share/ca-certificates/example.local.key;
add_header Strict-Transport-Security "max-age=31536000" always;
location / {
set $target https://api.user.example.local:8000;
proxy_pass $target;
}
}
and so on
ssl_certificate and ssl_certificate_key should point to correct certificate and key files for the domain.
If you would like nginx main server to listen port 80 and redirect all traffic to https, add additional server blocks for each server:
server {
server_name api.user.example.local;
listen 80;
# Force redirection to https on nginx side
location / {
return 301 https://$host$request_uri;
}
}
and so on
More information on NGINX Reverse Proxy
NGINX Reverse Proxy
Module ngx_http_proxy_module

Nginx server block ERR_NAME_NOT_RESOLVED

I am running Nginx on an Ubuntu 14.04.5 server. I am trying to set up a new server block but when I navigate to the URL I see this error:
My configuration for this virtual host is below.
The directory that I'd like my subdomain to point to is /var/www/vhosts/ny-video.splashpreviews.com
In /etc/nginx/sites-available is my server block file. The server configuration part of that file is below:
server {
listen *:80;
listen [::]:80;
root /var/www/vhosts/ny-video.splashpreviews.com;
index index.php index.html index.htm;
# Make site accessible from http://localhost/
server_name ny-video.splashpreviews.com;
}
I then enabled the server block and restarted Nginx. Is there something I am missing in the process or something I am doing wrong that is causing this to not work? Any guidance would be appreciated. Thank you.
You need to add splashpreviews.com site to configuration and allow locations of the server. There can be several location sections, limiting access to each subdirectory.
http {
limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;
include /etc/nginx/mime.types;
....
server {
listen 80;
server_name splashpreviews.com www.splashpreviews.com;
location / {
allow all;
}
....
}
server {
listen 80;
server_name ny-video.sp.com;
location / {
allow all;
}

Nginx - Stop forcing HTTPS on subdomain

I have a site which is ran with nginx, and with the structure where we have a load balancer, and currently only one web server behind it (currently no real traffic so one web server only).
Anyways, in load balancer nginx config, we forced HTTPS on each request:
server {
listen 80;
server_name www.xyz.com xyz.com
return 301 https://www.xyz.com$request_uri;
}
This works fine, but now I want to say "on this subdomain - dev.xyz.com, allow HTTP too and don't do the forcing".
At first, the server_name param was "any", and thought that might be the problem, so I specifically typed the names as in the above samples, and when I type http://www.dev.xyz.com, I get redirected back to the https://www.xyz.com.
Below server block, we have SSL definitions too:
server {
listen 443;
ssl on;
ssl_certificate /etc/nginx/ssl/xyz.com.pem;
ssl_certificate_key /etc/nginx/ssl/xyzPrivateKeyNginx.key;
keepalive_timeout 70;
server_name www.xyz.com;
root /usr/local/nginx/html;
client_max_body_size 25M;
client_body_timeout 120s;
# Add trailing slash if missing
rewrite ^([^\.]*[^/])$ $1/ permanent;
}
Thanks! :)
it turned out the solution was simple, I only inserted a simple redirect:
server {
listen 80;
server_name www.dev.xyz.com
location / {
proxy_pass http://xxyyzz;
}
}
Where xxyyzz is:
upstream xxyyzz{
ip_hash;
server 10.100.1.100:80;
}
Thanks anyways!

Resources