I have a droplet on Digital Ocean, that I am using to host a site and an API for that site.
I would like:
https://example.com to serve the website
https://example.com/api to serve the API, running on port 3000.
Here's my /etc/nginx/nginx.conf file:
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
error_log /var/log/nginx/http-error.log;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
server {
server_name example.com; # managed by Certbot
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
# SSL settings
ssl_certificate /path/to/file.pem; # managed by Certbot
ssl_certificate_key /path/to/file.pem; # managed by Certbot
include /path/to/file.conf; # managed by Certbot
ssl_dhparam /path/to/file.pem; # managed by Certbot
proxy_http_version 1.1;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_cache_bypass $http_upgrade;
proxy_redirect off;
# Routes
location /api/ {
proxy_pass http://127.0.0.1:3000/;
}
location / {
root /usr/share/nginx/html;
}
error_page 404 /404.html;
location = /40x.html {}
error_page 500 502 503 504 /50x.html;
location = /50x.html {}
}
server {
if ($host = example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 ;
listen [::]:80 ;
server_name example.com;
return 404; # managed by Certbot
}
}
Serving the static html files works great, but the https://example.com/api/ returns a 502: Bad Gateway error. I don't understand what I am doing wrong... any help would be appreciated. Thank you.
Turns out my config was totally fine. I just need to enable networking on the Droplet. I used this post to do so. Thanks, everyone!
In short:
setsebool httpd_can_network_connect on
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:3000;
}
This normally does not disappoint me. Please try.
Related
I have this website which i reverse proxied using nginx,
My website has CRUD operations so it uses HTTP PUT and DELETE methods to update and delete records!
I found out that using --http_dav_module solves the issue,
so i added following code into my nginx.conf file,
server {
server_name autoattendance.ml www.autoattendance.ml;
location / {
dav_methods PUT DELETE;
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
but it did not solve the issue,
these request are working fine on my local machine but not on the server!
The console error that i am getting is:
error screenshot
// ps : sorry, i'm not allowed to include images at this point it seems,
The complete nginx.conf file is:
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 4096;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
server {
server_name autoattendance.ml www.autoattendance.ml;
location / {
dav_methods PUT DELETE;
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/autoattendance.ml/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/autoattendance.ml/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
# Settings for a TLS enabled server.
#
# server {
# listen 443 ssl http2;
# listen [::]:443 ssl http2;
# server_name _;
# root /usr/share/nginx/html;
#
# ssl_certificate "/etc/pki/nginx/server.crt";
# ssl_certificate_key "/etc/pki/nginx/private/server.key";
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 10m;
# ssl_ciphers PROFILE=SYSTEM;
# ssl_prefer_server_ciphers on;
#
# # Load configuration files for the default server block.
# include /etc/nginx/default.d/*.conf;
#
# error_page 404 /404.html;
# location = /40x.html {
# }
#
# error_page 500 502 503 504 /50x.html;
# location = /50x.html {
# }
# }
server {
if ($host = www.autoattendance.ml) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = autoattendance.ml) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name autoattendance.ml www.autoattendance.ml;
return 404; # managed by Certbot
}}
Hi I'm quite inexperienced with NGINX and am having difficulty understanding why things aren't working as expected. I'm trying to test an API that I made with a docker container, which is being run with the command: docker run -d -v $(pwd):/app -p 8080:8000 --rm wiseeast/ya_bot.
I'm able to make API requests with Postman at http://ffpr.isi.edu:8080/api with a POST request, but the same request on AJAX with javascript returns an apparently frequent No 'Access-Control-Allow-Origin' header is present on the requested resource. error. I tried to bypass this by enabling CORS on my server by adding add_header 'Access-Control-Allow-Origin' '*' always; because I have control over it but it didn't resolve the issue. Also what is bugging me is that with Postman I can make a successful POST request to http://ffpr.isi.edu:8080/api but not to https://ffpr.isi.edu:8080/api.
Also, I have a rerouting issue that I feel should be straightforward given what I've read but isn't working. I have a webpage properly rerouting http://ffpr.isi.edu to https://ffpr.isi.edu but the rest of the rerouting doesn't work. For instance http://ffpr.isi.edu:5050/ loads through port 80 unsecurely and won't reroute to https://ffpr.isi.edu:5050/. On the other hand, https://ffpr.isi.edu:5050/ won't open at all with a time out error.
Here is my full nginx.conf file:
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
upstream frontend {
server 0.0.0.0:8000;
}
upstream ased_api {
server 0.0.0.0:5000;
}
upstream ya_bot {
server 0.0.0.0:8080;
}
upstream yesand {
server 0.0.0.0:5050;
}
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /usr/share/nginx/html;
return 301 https://$host$request_uri;
}
# Settings for a TLS enabled server.
#
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name ffpr.isi.edu;
ssl_certificate "/etc/nginx/ssl/ffpr_isi_edu_cert.cer";
ssl_certificate_key "/etc/nginx/ssl/ffpr_isi_edu.key";
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
add_header 'Access-Control-Allow-Origin' '*';
proxy_pass http://frontend;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
location /api {
proxy_pass http://ased_api;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
location /ya_bot {
proxy_pass http://ya_bot;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
}
location /yesand {
add_header 'Access-Control-Allow-Origin' '*';
proxy_pass http://yesand;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
}
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
server_name _;
root /usr/share/nginx/html;
ssl_certificate "/etc/nginx/ssl/ffpr_isi_edu_cert.cer";
ssl_certificate_key "/etc/nginx/ssl/ffpr_isi_edu.key";
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}
I've been suffering with these issues for so long, any pointers are greatly appreciated!!
In my experience, the add_header 'Access-Control-Allow-Origin' '*'; on the proxy machine did not fix the problem.
However, setting the 'Access-Control-Allow-Origin' header from the backend API as a response header did work. For example, You can run the following Go code on the backend API:
(*w).Header().Set(“Access-Control-Allow-Credentials”, “proxy-host-name”)
As for the redirect issue, you don’t need to use two separate server blocks, try this instead in the nginx.conf:
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name ffpr.isi.edu;
ssl_certificate "/etc/nginx/ssl/ffpr_isi_edu_cert.cer";
ssl_certificate_key "/etc/nginx/ssl/ffpr_isi_edu.key";
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
if ($scheme != https) {
return 301 https://$host$request_uri
}
}
I hope this helps.
I am trying to setup tusd with Uppy on https without success. It works well on http.
Here's my nginx conf file:
server {
listen 80;
listen[::]: 80;
server_name
DOMAIN.com
www.DOMAIN.com;
root / srv / users / DOMAIN / apps / DOMAIN / public;
access_log / srv / users / DOMAIN / log / DOMAIN / DOMAIN_nginx.access.log main;
error_log / srv / users / DOMAIN / log / DOMAIN / DOMAIN_nginx.error.log;
proxy_set_header Host $host;
proxy_set_header X - Real - IP $remote_addr;
proxy_set_header X - Forwarded - For $proxy_add_x_forwarded_for;
include / etc / nginx - sp / vhosts.d / DOMAIN.d
/*.nonssl_conf;
include /etc/nginx-sp/vhosts.d/DOMAIN.d/*.conf;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name
DOMAIN.com
www.DOMAIN.com
;
ssl_certificate_key ssl/DOMAIN.key;
ssl_certificate ssl/DOMAIN.combined_crt;
root /srv/users/DOMAIN/apps/DOMAIN/public;
access_log /srv/users/DOMAIN/log/DOMAIN/DOMAIN_nginx.access_ssl.log main;
error_log /srv/users/DOMAIN/log/DOMAIN/DOMAIN_nginx.error_ssl.log;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-SSL on;
proxy_set_header X-Forwarded-Proto $scheme;
include /etc/nginx-sp/vhosts.d/DOMAIN.d/*.ssl_conf;
include /etc/nginx-sp/vhosts.d/DOMAIN.d/*.conf;
location /files/ {
#resolver 8.8.8.8 4.2.2.2;
proxy_pass http://localhost:3020/files;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
# Disable request and response buffering
proxy_request_buffering off;
proxy_buffering off;
proxy_http_version 1.1;
# Add X-Forwarded-* headers so that response can reference https and
# originating host:port
proxy_set_header X-Forwarded-Host $hostname;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# Allow proxying of websockets if required
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
client_max_body_size 0;
}
}
At another conf file I have this additional configuration:
location / {
proxy_pass $backend_protocol://$backend_host:$backend_port;
}
At Chrome console I have the following output:
upload.js:2 OPTIONS https://DOMAIN/files/2b775a112504ed1222c6ffdd4fbdac03+Dc99JI0Zvgh54FXVfpp5K32GAiZBjV5bY-d9tzj8fDL1FxNKKZrHP_SBE6OERG8SWAm1ZjqtjYMVWSvWCQLba0qsR8krfVBYw8ApHqIBO7DG9Bn1t_tv_a6nuuTuqlXC net::ERR_NAME_NOT_RESOLVED
Notice the domain without the .com extension!
I tried all combinations of configuration, commenting the configuration lines without success. Can you spot the mistake?
A contractor solved it for me and the solution is neat. He did it instead configuring Apache.
At the first nginx conf file he removed the "location /files/" section entirely. At the apache conf file, he added the following lines:
ProxyPass /files http://localhost:3020/files
ProxyPassReverse /files http://localhost:3020/files
And it worked.
This is pretty clearly a network issue which should be a definite mismatch between the data that is advertised in the HTTP Headers and the data transferred over the wire.
It could come from the following:
Server: If a server has a bug with certain modules that changes the content but don't update the content-length in the header or just doesn't work properly. It was the case for the Node HTTP Proxy at some point (see here)
Proxy: Any proxy between you and your server could be modifying the request and not update the content-length header.
This problem could also be the nginx docker container disk space. Just check and if full please clear the files.
Let me know if that helps.
Re-use then adapt (from companion.mywebsite.com to yourdomain.com) this working nginx configuration file :
( don't forget to change also ssl_certificate, ssl_certificate_key and ssl_dhparam )
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
server {
server_name companion.mywebsite.com;
root /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
proxy_pass http://0.0.0.0:3020;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/companion.mywebsite.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/companion.mywebsite.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = companion.mywebsite.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 default_server;
listen [::]:80 default_server;
server_name companion.mywebsite.com;
return 404; # managed by Certbot
}}
Then try again... if you get this error:
Nginx Error: The page you are looking for is temporarily unavailable. Please try again later.
Run:
setsebool -P httpd_can_network_connect 1
To fix permission then restart apache
I'm trying to redirect an APP that already works, to https.
The app is a PWA that is running locally, on 8080 port.
I know that's something in my configuration, because the root works ok, but the sub apps doesn't.
The root is just a html with the routes for the sub apps.
This is the app that I'm trying to redirect: https://github.com/PolymerLabs/multitenant-prpl
This is my configuration file, that I've made with searching around and mixing things into the main nginx configuration file.
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
keepalive_timeout 65;
upstream node-app {
least_conn;
server 192.168.0.9:8080 weight=10 max_fails=3 fail_timeout=30s;
}
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
# https redirection
location / {
return 301 https://$host$request_uri;
}
}
server {
# http2 setup
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
server_name node-app;
# ssl setup
ssl_certificate /etc/nginx/certs/nginx.crt;
ssl_certificate_key /etc/nginx/certs/nginx.key;
ssl_dhparam /etc/nginx/certs/dhparam.pem;
# server redirection
location / {
proxy_pass http://node-app$request_uri;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_cache_bypass $http_upgrade;
}
}
}
Probably something is missing.
Thanks in advance.
Images:
The root working.
Another route with the dev tools open, the error is a bit longer.
I need to install a uWSGI app and Kibana4 / elastic search stack on the same server. The uwsgi app only needs to be used when a user accesses the server via [server_IP]/charts/ and I'd like Kibana4 to be accessed via [Server_IP].
Both listen on port 80 via their own separate conf files and, predictably, the uwsgi app doesn't allow for Kibana4 to receive requests.
How would I adjust my conf files to allow the access I need? I'm a bit confused as to what I need to use (rewrite, redirect, something else?)
Thanks for your time
nginx_conf_for_uwsgi:
server {
server_name 192.168.250.37;
listen 80;
root /usr/local/wsgi;
access_log /var/log/nginx/graph_server/access.log;
error_log /var/log/nginx/graph_server/error.log;
client_max_body_size 500M;
proxy_read_timeout 600;
location / {
include uwsgi_params;
uwsgi_pass 192.168.250.37:9091;
uwsgi_read_timeout 600;
}
}
kibana4.conf:
server {
listen 80;
server_name 192.168.250.37;
#auth_basic "Restricted Access";
#auth_basic_user_file /etc/nginx/htpasswd.users;
location / {
proxy_pass http://192.168.250.37:5601;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
nginx.conf:
user nginx;
worker_processes 4;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
index index.html index.htm;
# Increase header buffer size (needed for PHP)
proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
# Update the logs to display the real IP address after removing the IP for
# the load balancers
set_real_ip_from redacted; # a
set_real_ip_from redacted; # b
real_ip_header X-Forwarded-For;
real_ip_recursive on;
# Custom logger to display the subdomain folder (if applicable)
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
log_format log_thing '$remote_addr - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent" '
'"$http_x_forwarded_for" sub:"$subdomain"';
log_format i_server '$remote_addr - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent '
'filename:"$http_filename"';
access_log /var/log/nginx/access.log main;
sendfile on;
keepalive_timeout 65;
include /etc/nginx/conf.d/*.conf;
server {
listen 80 default_server;
server_name localhost;
root /usr/share/nginx/html;
include /etc/nginx/default.d/*.conf;
location / {
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}
One way is to use nginx as a reverse proxy which is effectively what you are doing already. This way you have one nginx virtual host listening on port 80 which forwards different locations to separate nginx vhosts listening on different ports on your system.
You nginx reverse proxy vhost would look something like this, the 3 proxy_set_header lines can be moved to the server block if all locations work with them
server {
listen 80;
server_name 192.168.250.37;
port_in_redirect off
location / {
proxy_pass http://127.0.0.1:8081;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /charts {
proxy_pass http://127.0.0.1:8082;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
Then change you Kibanaconf to listen on port 8081 and uwsgi to listen on 8082
Alternatively you can combine the two vhosts into one and will need to set custom aliases for the root folders under each location and rearrange.
server {
listen 80;
server_name 192.168.250.37;
root /usr/local/wsgi;
client_max_body_size 500M;
proxy_read_timeout 600;
#auth_basic "Restricted Access";
#auth_basic_user_file /etc/nginx/htpasswd.users;
location / {
proxy_pass http://192.168.250.37:5601;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
location /charts {
include uwsgi_params;
uwsgi_pass 192.168.250.37:9091;
uwsgi_read_timeout 600;
}
}