I've spent forever searching and I can't see that I'm doing anything wrong.
Basically I have two domains and want to route to a backend service depending on which one is visited.
clientkey.local
clientkey.strapi.local
When I visit each of these domains, it's rewriting the urls as:
clientkey.local/
clientkey.strapi.local/
There is no point to adding the extra slashes if I'm just visiting the base domain. I can add the trailing slash if I want and still end up on the home page, but it shouldn't redirect me there automatically. Below is my nginx config.
Any ideas? I'm using docker-compose if that matters. I feel like I'm missing something obvious.
worker_processes 4;
events { worker_connections 1024; }
http {
upstream strapi_servers {
server strapi:1337;
}
upstream gallery_servers {
server gallery;
}
server {
listen 80;
server_name clientkey.strapi.local;
location / {
proxy_pass http://strapi_servers;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_pass_request_headers on;
}
}
server {
listen 80;
server_name clientkey.local;
location / {
proxy_pass http://gallery_servers;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
}
}
Quick testing reveals that slash is not hidden for non-public TLD websites (Chromium/Chrome).
In other words, if the TLD isn't real, then slash is not being ommited.
example.local - slash shown
example.anyting-non-real - slash shown
example.com - slash hidden
Related
Link to Shinobi:
https://shinobi.video/
I have a Shinobi which is at 127.0.0.1.
And also the domain example.com on / is the backend, I want example.com/shinobi to host Shinobi.
I tried to do this via nginx, here is my configuration:
server {
server_name example.com;
listen 443 ssl;
location / {
proxy_pass http://127.0.0.1:3000;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Real-IP $remote_addr;
}
location /shinobi/ {
proxy_pass http://127.0.0.1:8080;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
proxy_redirect off;
}
location /socket.io/ {
proxy_pass http://127.0.0.1:8080/socket.io;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade;
proxy_set_header Host $host;
}
}
This doesn't work for me, I found the answer on reddit:
https://www.reddit.com/r/ShinobiCCTV/comments/fgmce0/problem_with_shinobi_behind_nginx_reverse_proxy/
I changed baseURL in /home/Shinobi/conf.json to https://example.com/shinobi/ and restarted Shinobi pm2 restart all. I get this response:
[PM2] Applying action restartProcessId on app [all](ids: [ 0 ])
[PM2] [camera](0) ✓
When I go to https://example.com/shinobi/{TOKEN}/embed/{GROUP}/{CAMERA}/fullscreen%7Cjquery I get:
Cannot GET /shinobi/{TOKEN}/embed/{GROUP}/{CAMERA}/fullscreen%7Cjquery
That didn't work for me. Can you please tell me how I can fix this and what could be the problem?
I have two node js apps that I want to put behind nginx.
I access application 1 which has "/" as a base and I access its pages which are on /be/ but when I try to go to application 2 automatically I am referred to "/".
summary
App1:
based:"/"
url: localhost:3003
application pages can be found in /be/
App2:
base:"/be/"
url: localhost:3000/be/login
the application pages can also be found on /be/
here is my nginx config
server {
listen 80;
server_name 192.168.1.64;
access_log /var/log/nginx/portalerr.logs;
error_log /var/log/nginx/portalaccess.logs;
location / {
proxy_pass http://192.168.1.64:3003/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_cache_bypass $http_upgrade;
}
location /login/ {
proxy_pass http://192.168.1.64:3000/be/login;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
rewrite /be/login(.*) /$1 break;
proxy_cache_bypass $http_upgrade;
}
}
When I put
proxy_set_header Host $host;
under location /wordpress/ in my nginx.conf-file, I get working Wordpress urls apart from the admin panel where /wordpress/ is removed from the urls, making all links in the admin panel non-functional.
If I remove proxy_set_header Host $host;, I get non-working Wordpress urls but a working admin-panel.
I run a Wordpress install with a NextJs front-end with docker-compose and an nginx reverse proxy in front of it. I need both working Wordpress urls and the admin panel because I need access to the RSS feed (the /feed-url which doesn't work when I do the proxy_set_header-thing).
My location-block in nginx-conf:
location /wordpress/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://IP-TO-WORDPRESS:8000/;
# proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Proto $scheme;
}
Tried
adding and removing proxy_set_header Host $host,
adding a special location block for wp-admin (/wordpress/wp-admin - didn't work)
changing the url of proxy_pass
changing siteurl and home in wp_options in the wordpress mysql database
Entire Nginx.conf:
events {
worker_connections 1024;
# worker_processes and worker_connections allows you to
calculate maxclients value:
# max_clients = worker_processes * worker_connections
}
http{
server {
listen 80;
listen [::]:80 default_server ipv6only=on;
return 301 https://$host$request_uri;
}
# HTTPS ?~#~T proxy all requests to the Node app
server {
# Enable HTTP/2
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name SERVER-NAME.no;
# Use the Let?~#~Ys Encrypt certificates
ssl_certificate /etc/letsencrypt/live/SERVER-
NAME.no/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/SERVER-
NAME.no/privkey.pem;
# Include the SSL configuration from cipherli.st
include snippets/ssl-params.conf;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://localhost:82/;
proxy_ssl_session_reuse off;
proxy_set_header Host $http_host;
proxy_cache_bypass $http_upgrade;
proxy_redirect off;
}
location = /wordpress {
return https://SERVER-NAME.no/NEXT-JS-BLOG-PAGE;
}
location /wordpress/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://IP.TO-WORDPRESS:8000/;
# proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
}
Expected:
I would expect urls to work both in the wordpress admin panel and for the wordpress posts and rss feed. This is not the case.
Please help as I'm quite lost on this one.
Found the problem was in the Wordpress app and not with the Nginx configuration. Turns out Wordpress has something called wp_admin_canonical_url() that sets the url in addition to siteurl and home.
See https://wordpress.stackexchange.com/questions/269798/wrong-wp-admin-url.
if have a subdomain on my nginx webserver configuration: sub.mydomain.com
and i have a backend server which listen on port 5000: http://127.0.0.1:5000
is it possible to pass all subdomain calls to the backend?
Like: https://sub.mydomain.com/list to http://127.0.0.1:5000/sub/list
This should work with all methods: POST, PUT, GET, DELETE
UPDATE:
when i call my server: https://mysubdomain.mydomain.com
with the following configuration:
upstream http_backend {
server 127.0.0.1:5000;
}
server_name ~^(?<subdomain>[^.]+)\.mydomain\.com;
This does not work (error: 404):
location / {
proxy_pass http://http_backend/$subdomain/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
}
This works fine:
location / {
proxy_pass http://http_backend/mysubdomain/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
}
When i log the $subdomain variable in the access_log, it seems to be correct.
nginx version: nginx/1.9.15
To pass all subdomains you need to set it in server name by putting dot before domain.
server_name .mydomain.com;
Yes, you can use variables in proxy_pass. And you can extract part of domain using regexp server name.
server {
server_name ~^(?<sub>[^.]+)\.example\.com;
# now subdomain of example.com placed to $sub
# please, note, this rule do not work for http://example.com
location / {
proxy_pass http://127.0.0.1:5000/$sub/;
# Path part of proxy_par URI will replace path
# part of location directive (so / -> /$sub/, /xxxx/ -> /$sub/xxxx/)
}
}
Thats all :)
It seems nginx does not add the $uri to the proxy_pass if i use the $subdomain variable.
The following solution works:
location / {
proxy_pass http://http_backend/$subdomain/$uri;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
}
I have a reverse proxy for /forums setup like so:
server {
listen 80;
server_name localhost;
location / {
proxy_pass http://127.0.0.1:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
location /forums {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://127.0.0.1:4567/;
proxy_redirect off;
# Sockect.IO Support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
It works, kind of, when I try to go to localhost/forums I see the page, but all the static content 404's and if I try to click on a link, e.g. /login it takes me to localhost/login instead of localhost/forums/login, any idea how I can fix this?
You should add a slash character at the end of location /forums so as to get:
location /forums/ {
...
}
According to the doc:
If a location is defined by a prefix string that ends with the slash
character, and requests are processed by one of proxy_pass then the
special processing is performed. In response to a request with URI
equal to this string, but without the trailing slash, a permanent
redirect with the code 301 will be returned to the requested URI with
the slash appended.