Nginx forward UDP port to OpenVPN running on same machine - nginx

I have a web server for a hobby project running behind Nginx (listening on TCP port 443).
On the same server, I installed an OpenVPN server (listening on UDP port 1194), and it's working properly with my home wifi.
However, a lot of public wifi networks block port 1194, so I want to have Nginx listen on UDP port 443 and then forward to OpenVPN on port 1194.
Here is my nginx config. I have opened all the necessary firewall ports, but it's not successful.
    stream {
        upstream vpn_backend {
            server localhost:1194;
        }
        server {
            listen 443 udp;
            proxy_pass vpn_backend;
            proxy_responses 0;
        }
    }
Any idea how to make this work?

Related

Nginx UDP load balance not notifying when one of the servers is down

I use Nginx (not Nginx plus) and FluentBit for one scenario.
In fact, the requests are sent to the UDP port in Nginx, and then Nginx sends them to Fluentbit in a round-robin so all requests are proxied to the server fluentbit_upstreams.
FluentBit does not return anything by default, so Nginx cannot notice that any of the servers are down.
I used fail_timeout and max_fails but it didn't help me.
    upstream fluentbit_upstreams {
        server fluentBitA.dev:5555 weight=1 fail_timeout=30s max_fails=1;
        server fluentBitB.dev:6666 weight=1 fail_timeout=30s max_fails=1;
    }
    server {
        listen 13149 udp;
        proxy_pass fluentbit_upstreams;
        proxy_responses 1;
        error_log /var/log/nginx/udp.log;
    }
How can this problem be solved? How can Nginx notice that one of the servers is down?

Using HaProxy on Nginx server. Not listening to port 80

Recently I set up a server and am using HAProxy. Everything else runs smoothly, but port 80 is not connecting. Here is the HAProxy config file. It especially gives problems when certbot tries to renew. What am I missing here?
    frontend backend.sample.com
        bind *:80
        # Test URI to see if its a letsencrypt request
        acl letsencrypt-acl path_beg /.well-known/acme-challenge/
        use_backend letsencrypt-backend if letsencrypt-acl
        bind 64.123.456.124:6684 ssl crt /etc/haproxy/certs/backend.sample.com.pem
        default_backend webapps
    backend webapps
        balance roundrobin
        server app01 64.123.456.124:5684
    backend letsencrypt-backend
        server letsencrypt 127.0.0.1:54321

How to make Nginx proxy pass work with external requests to nodes

Below is what I want to achieve:
- Forward traffic from http://myip.com to http://localhost:8081
- Forward traffic from http://gitlab.myip.com to http://localhost:8443
The following snippet is the content of my Nginx configuration file:
    # /etc/nginx/sites-available/two-applications.conf
    server {
        listen 80;
        server_name myip.com;
        location / {
            # Proxy pass to Apache server
            proxy_pass http://localhost:8081;
        }
    }
    server {
        listen 80;
        server_name gitlab.myip.com;
        location / {
            # Proxy pass to GitLab server
            proxy_pass http://localhost:8443;
        }
    }
It works as expected within my network but hangs when accessed from outside my network except when port 8081 and 8443 are appended to http://myip.com and http://gitlab.myip.com respectively.
My router is forwarding traffic from ports 80, 8443, 8081 to the computer hosting these applications and my firewall was disabled by running ufw disable.
This is my (abbreviated) output from running sudo netstat -tulpn:
    Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address    Foreign Address  State   PID/Program name
    tcp        0      0 0.0.0.0:80       0.0.0.0:*        LISTEN  20603/nginx: master
    tcp        0      0 0.0.0.0:8443     0.0.0.0:*        LISTEN  13513/nginx: master
    tcp6       0      0 :::8081          :::*             LISTEN  685/apache2
What am I doing wrong and how can I fix it?
EDIT
The problem here was with the ISP blocking port 80

How can I redirect traffic from Port 80 to Port 443 using UFW?

I use Ubuntu Server 18.04 and wish to forward/redirect traffic from port 80 to port 443 (https).
I want to do this as I have SSL on NGINX (port 80) and a Flask app running on Gunicorn on port 443. I can't make NGINX proxy requests as the app isn't in a virtualenv.
I wish to use UFW. How can I do this?
Redirecting http to https traffic is not the purpose of a firewall like ufw.
You should redirect the requests within NGINX as follows:
    server {
        listen 80;
        server_name example.org;
        return 301 https://example.org$request_uri;
    }
... where 80 is the http port, example.org is your domain, and 301 indicates to the browser that the resource is accessible at the other place.

nginx listen directive confusion

I am trying to configure nginx and I'm trying to find out how the listen directive in a server block works.
Suppose I have this config:
    server {
        listen 192.168.11.12:80;
    }
Does it mean nginx will listen for requests on port 80 that are coming from IP 192.168.11.22, or does it mean it will listen on IP 192.168.11.12 and on port 80? I searched the docs, but they simply mention how the server block works.
The second one, it will listen on that ip and port.
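
The distinction the answer draws, as an added example (not part of the original post): `listen address:port` selects the local address nginx binds to, while limiting which client addresses are served is a separate job for `allow`/`deny`. The second port (8080), the document root path and the use of 192.168.11.22 as the permitted client are assumptions for illustration.

```nginx
# Minimal nginx.conf (constructed example).
events {}

http {
    # Case 1: listen ADDRESS:PORT chooses the LOCAL address nginx binds to.
    # Any client that can route to 192.168.11.12 may connect; requests sent
    # to another address of this host (e.g. 127.0.0.1:80) are not accepted
    # by this socket. The address must be assigned to the host, otherwise
    # bind() fails and nginx does not start.
    # Plain "listen 80;" is the same as "listen *:80;" (all IPv4 addresses).
    server {
        listen 192.168.11.12:80;

        location / {
            return 200 "reached via 192.168.11.12:80\n";
        }
    }

    # Case 2: filtering by CLIENT (source) address uses allow/deny from
    # ngx_http_access_module. Rules are checked in order, first match wins.
    server {
        listen 192.168.11.12:8080;      # assumed second port

        location / {
            allow 192.168.11.22;        # only this client is served
            deny  all;                  # everyone else receives 403

            # Content comes from a document root instead of "return":
            # "return" runs in the rewrite phase, before the access
            # checks, and would answer denied clients as well.
            root /usr/share/nginx/html; # assumed path
        }
    }
}
```

Binding to an internal address limits which interface exposes the service; it does not authenticate or filter clients, so combine it with `allow`/`deny` or a host firewall when only specific sources should reach it.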
