Nginx Basic authentification for an upstream location - nginx

i am trying to get a basic authentification in an nginx conf for an upstream.
location /movies/ {
rewrite /movies/(.*)$ /$1 break;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_redirect off;
proxy_buffering off;
proxy_pass http://jd2movies;
auth_basic "Administrator Login";
auth_basic_user_file /root/.htpasswd;
}
but i get an "500 Internal Server Error"
How can i achieve this to get it working?
Thanks

Related

Consolidate NGINX config for my VueJS and Flask App

I'm working on deploying my VueJS and Flask app. After watching few tutorials I came to the NginX configuration below. It works, but it's getting long. Is there a way I can consolidate the location endpoints to something like this location /*?
I've tried - location /*, location *.
server {
listen $PORT;
root /usr/share/nginx/html;
index index.html index.html;
location / {
try_files $uri /index.html =404;
}
location /ping {
proxy_pass http://127.0.0.1:5000;
proxy_http_version 1.1;
proxy_redirect default;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
location /query_usdot {
proxy_pass http://127.0.0.1:5000;
proxy_http_version 1.1;
proxy_redirect default;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
location /subscribe {
proxy_pass http://127.0.0.1:5000;
proxy_http_version 1.1;
proxy_redirect default;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
As nginx documentation states:
location can either be defined by a prefix string, or by a regular expression.
To join this three location blocks you can use this regexp:
location ~ ^/(?:ping|query_usdot|subscribe) {
...
}

alertmanager unsee behind nginx proxy

I'm trying to serve alertmanager and unsee from the same container.
In my testing:
I background alertmanager
I background unsee
I run /sbin/nginx
when I visit / I can see alertmanager
when I visit /unsee I get ERR_INVALID_RESPONSE
I can curl http://127.0.0.1:8080 and see that unsee is serving files
I have the below config in /etc/nginx/sites-enable
server {
listen 9093;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://127.0.0.1:9094;
proxy_redirect off;
# Socket.IO Support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
location /unsee/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://127.0.0.1:8080;
proxy_redirect off;
# Socket.IO Support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
so the configuration should be like this ...
server {
listen 9093;
server_name alertmanager.*;
location / {
resolver 127.0.0.11 ipv6=off;
set $target http://container_hostname:9094;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass $target;
}
}
server {
listen 9093;
server_name unsee.*;
location / {
resolver 127.0.0.11 ipv6=off;
set $target http://container_hostname:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass $target;
}
}

Does nginx supports websocket with binary

I'm testing nginx by sending binary data(byte[]) using websocket connection and it doesn't work correctly. I used the following settings.
server {
listen 80;
client_max_body_size 2G;
server_name oracleapps.veeralab.com;
location / {
proxy_http_version 1.1;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_read_timeout 84600s;
proxy_send_timeout 84600s;
proxy_buffering off;
proxy_ignore_client_abort off;
proxy_pass http://localhost:8080;
}
}

Rewrite plex media server url on nginx?

I have very limited knowledge with rewriting url in nginx. I have a plex media server running behind on nginx, i can access the dashboard with http://domain.com/web/index.html with these config i found on github:
upstream plex-upstream {
server plex-server.example.com:32400;
}
server {
listen 80;
server_name domain.com
location / {
if ($http_x_plex_device_name = '') {
rewrite ^/$ http://$http_host/web/index.html;
}
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_pass http://plex-upstream;
}
}
What i want is to remove /web/index.html so when i go to http://domain.com, the PMS dashboard will load. I tried some one liner rewrite rules already but all failed. Thanks.
I am not nginx specialist, but I had similar problem.
The diference is that I was not trying to alias domain.name/ to domain.name/web/,
My goal was to alias domain.name/plex/ to domain.name/web/.
I was getting redirects to web/index.html with all solutions I could find except this one Configure Plex Media Server Reverse Proxy nginx Linux.
The only one problem with this one was that if you go to web/ you will stay there.
So here is my creepy yet working solution:
upstream plex {
server localhost:32400;
}
server {
listen 80;
server_name domain.name;
server_name_in_redirect off;
location / {
proxy_pass http://localhost:8888;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
# Enables WS support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_redirect off;
}
location /web/index.html {
if ($http_x_should_not_redirect = ""){
return 301 https://domain.name/plex/index.html;
}
proxy_pass https://plex;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header x_should_not_redirect $host;
}
location /web {
proxy_pass https://plex;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header x_should_not_redirect $host;
}
location /plex {
proxy_pass https://127.0.0.1/web;
proxy_set_header X-should-not-redirect $host;
}
location /transmission/rpc {
proxy_pass http://localhost:9091;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
# Enables WS support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_redirect off;
}
location /transmission/web {
proxy_pass http://localhost:9091;
proxy_pass_header X-Transmission-Session-Id;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# Enables WS support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_redirect off;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/dovgastreetnas.viewdns.net/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/dovgastreetnas.viewdns.net/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
}
Hope this will help somebody.

Nginx proxy pass append request parameter to upstream

Here is my site conf -
upstream demo {
server server1:31337;
server server2:31338;
server server3:31339;
server server4:31340;
keepalive 64;
}
server {
listen 80;
server_name www.site.org;
rewrite ^ https://$server_name$request_uri? permanent;
location / {
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_set_header Connection "";
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_cache one;
proxy_cache_key sfs$request_uri$scheme;
proxy_pass http://demo;
}
}
I want when I open www.site.org it should proxy pass to any of the upstream server as server2:31337/mysite
How do I append /mysite request paramater ?
Can you try this
location / {
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_set_header Connection "";
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_cache one;
proxy_cache_key sfs$request_uri$scheme;
rewrite ^(.*)$ /mysite$1 break;
proxy_pass http://demo;
}

Resources