i've an issue with my NuxtJs deployment. I'm trying to do this with DigitalOcean Droplet and nginx. I'm using Nginx with reverse proxy with the configuration below.
server {
listen 80; # the port nginx is listening on
server_name reepen.gg; # setup your domain here
gzip on;
gzip_types text/plain application/xml text/css application/javascript;
gzip_min_length 1000;
, location / {
expires $expires;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 1m;
proxy_connect_timeout 1m;
proxy_pass http://localhost:3000; # set the address of the Node.js instance here
}
}
When i try curl http://localhost:80, the response is the index html code of my Nuxt application. But when i try to call my droplet outside with his ip address or domain name, i've ERR_CONNECTION_TIMED_OUT. I don't know why my droplet ip address are not connected with my http://localhost:80
To configure my droplet i used this tutorial (i've set firewall as in doc) https://www.digitalocean.com/community/tutorials/initial-server-setup-with-ubuntu-18-04
And i've tryed this tutorial to deploy my app https://medium.com/codeartisan/how-to-run-nuxt-js-on-digitalocean-159fc558d2ab
Thanks for your help :)
It was my ufw firewall set in https://www.digitalocean.com/community/tutorials/initial-server-setup-with-ubuntu-18-04
When i disabled it all works fine !
Related
So I have set up a reverse proxy to tunnel my application.
Unfortunately the application thinks it is served via http and not https and gives out URLs with port 80.
How can I handle this in the nginx reverse proxy? (by rewriting maybe)
When I go on the page:
https://my.server.com
index.php loads, everything is okay
after clicking something I have a URL like this:
https://my.server.com:80/page/stuff/?redirect_to
which throws an error within the browser because my reverse proxy doesn't serve SSL on port 80.
How can I migitate this?
My current nginx ssl vhost for the site:
... ssl stuff ...
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
location / {
proxy_pass http://localhost:22228;
proxy_buffering off;
proxy_redirect off;
proxy_read_timeout 43800;
proxy_pass_request_headers on;
proxy_set_header Connection "Keep-Alive";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Port 443;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_pass_header Content-Type;
proxy_pass_header Content-Disposition;
proxy_pass_header Content-Length;
proxy_set_header X-Forwarded-Proto https;
}
(yes I know my request headers look like a christmas tree 🎄)
Also bonus points if you show where the documentation addressing this issue is and what the mechanism is called.
For rewriting response body you can use http_sub_module:
location / {
proxy_pass http://localhost:22228;
sub_filter_once off;
sub_filter_types text/css application/javascript; # in addition to text/html
sub_filter "//my.server.com:80/" "//my.server.com/";
}
Many people says (1, 2) that you need to disable compression when using sub_filter directive:
proxy_set_header Accept-Encoding "";
For me, it works fine without this line in config, but it can be a feature of OpenResty which I use instead of nginx.
If your app generates HTTP 30x redirects with explicit indication of domain:port, you can rewrite Location header value with the proxy_redirect directive:
proxy_redirect //my.server.com:80/ //my.server.com/;
I'm trying to figure out how to set up Nginx as a reverse proxy from a single domain to multiple backend sites based on the location.
Nginx Config:
server {
listen 80;
underscores_in_headers on;
server_name test.example.com;
gzip on;
gzip_min_length 1100;
gzip_buffers 4 32k;
gzip_types text/plain application/x-javascript text/xml text/css application/javascript;
gzip_vary on;
gzip_proxied any;
proxy_http_version 1.1;
location /page1/ {
proxy_pass http://www.siteone.com/pageone;
proxy_set_header Host www.siteone.com;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /page2/ {
proxy_pass http://www.sitetwo.com/pagetwo;
proxy_set_header Host www.sitetwo.com;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
The problem is that static files (images, css, etc.) are all broken. The initial request returns fine, but subsequent GET requests all go to the proxy subdomain (ex: test.example.com/css/style.css), and return 404 or 500 errors.
I tried to work around this with a static files location, or a catch all (e.g., "location /" or "location ~* ^(.*).(css|js|etc..)"), but I can't do that for both proxied sites. As a workaround I also tried catching the referer URL and setting the catch-all's proxy_pass based on that, but it didn't work for everything and seemed kind of prone to failure.
I know this isn't a common setup, but unfortunately for our use case we can't use the more common method of a subdomain & server block for each proxied request. Our requirement is for a single subdomain proxying to two or more backends based on the path (e.g., test.example.com/this-path -> backend.domain.com/can-be-anything).
We're using this proxy as a caching server, so I'd also be open to doing this with Varnish + Nginx for SSL termination if it better supports the use case.
Open to any suggestions from the community, and thanks!
I stuck to configure a simple reverse proxy on AWS.
Since we have one host (reverse proxy nginx) serving the public access I decided to follow the rules and created the following configuration.
server {
listen 9990;
server_name project-wildfly.domain.me;
access_log /var/log/nginx/wildfly.access.log;
error_log /var/log/nginx/wildfly.error.log;
proxy_buffers 16 64k;
proxy_buffer_size 128k;
root /var/www/;
index index.html index.htm;
location /console {
proxy_set_header Host $server_addr:$server_port;
proxy_set_header X-Forwarded-Proto $scheme;
add_header Cache-Control "no-cache, no-store";
proxy_pass http://10.124.1.120:9990/console;
}
location /management {
proxy_set_header Host $server_addr:$server_port;
proxy_set_header X-Forwarded-Proto $scheme;
add_header Cache-Control "no-cache, no-store";
proxy_pass http://10.124.1.120:9990/management;
}
}
This will serve the admin console and I'm able to log in with the user. Then this message appears:
Access Denied
Insufficient privileges to access this interface.
Nothing within the error log. Thanks for any hint!
I had the same issue when configuring Wildfly 15 and nginx 1.10.3 as reverse proxy.
Setup was very similar to the first post, redirecting /management & /console to wildflyhost:9990.
I was able to access the console directly via :9990 and when comparing the network traffic between direct and nginx-proxied traffic, I noticed that Origin and Host were different.
So in my case the solution was to force the Origin and Host headers in Nginx to something that Wildfly is expecting. I couldn't find this solution elsewhere, so I'm posting it here for future reference anyhow although the thread is old.
location /.../ {
proxy_set_header Host $host:9990;
proxy_set_header Origin http://$host:9990;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass_request_headers on;
proxy_pass http://wildflyhost:9990
...
}
Maybe you need turn on management module.
Try this:sh standalone.sh -b 0.0.0.0 -bmanagement 0.0.0.0 &
I have 2 servers(CentOS7) in LAN WildflyAPP and nGinX.
nGinX is having 2 eth cards. One connected with LAN(192.X.X.X network) and second up to the wild world (external static IP).
I'm trying to use nGinX as Proxy to Wildfly 8.2.1(as a service) using subdomains:
app.mydomain.com to be used as proxy to Wildfly application (8080 port)
wildfly.mydomain.com for management to wildfly (9000 port)
In both cases im receiving 502 error
I used default configuration for nGinx:
server {
listen 80;
server_name app.mydomain.com;
error_log /var/log/nginx/app-error.log;
access_log /var/log/nginx/app-access.log;
location / {
proxy_pass http://192.X.X.X:8080/;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
add_header Cache-Control "no-cache, no-store";
}
}
I also tried versions with:
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
Nothing i found anywhere in net helped (standalone file checked and looks ok, APP accessible from LAN at 8080 without any problems).
Please help me what i am doing wrong here.
I'm using nginx to route all incoming requests for a subdomain to a specific server. How do I configure nginx to also serve the static files from that same server?
server {
server_name subdomain.XYZ.com;
location / {
proxy_http_version 1.1;
proxy_redirect off;
proxy_pass http://10.123.456.78:8000;
proxy_pass_header Server;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 864000;
}
location /static/ {
autoindex on;
alias /static/;
}
}
In this case, all incoming requests to subdomain.XYZ.com are rerouted to 10.123.456.78:8000. But all requests for static files are still on the local server (the one running nginx).
How do I route the static files to the remote server? And then how do I enable both caching and gzip compression of those static files?
It's quite simple:
gzip on;
gzip_types text/plain application/json;
# or gzip *; for all
proxy_cache_path /data/nginx/cache keys_zone=one:10m;
location /static/? {
proxy_cache one;
proxy_pass http://10.123.456.78:8000/path/to/static/files;
}
I would recommend gzipping them from the source instead however (on server 10.123.456.78).