How can i allow all in nginx? - nginx

My website is only accessible on a certain ip address so i only can have access to it if i'm in that machine or a connection towards it
I tried adding Nginx allow all to the config but it's still not working
server {
listen 80;
server_name domain;
#Specify a charset
charset utf-8;
location /api {
satisfy any;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://192.168.226.264:8080;
proxy_read_timeout 90;
allow all;
}
location / {
root /Users/administrator/Documents
try_files $uri /index.html;
}
}
I get this :
This site can’t be reached.
domain’s server IP address could not be found
What do i need to add to make the website accessible by all ip addresses

Try whether you domain is getting resolved using "whois" command from the terminal where you have installed the nginx server :
whois domainname
You have mentioned a "server_name domain" , is that domain resolvable from your terminal ?

Related

Can't get Pocketbase running behind Ngnix as a reverse proxy

I want to use Pocketbase behind Ngnix as a reverse proxy on my Ubuntu-VPS. I followed the documentation on https://pocketbase.io/docs/going-to-production/.
I wanted to put pocketbase to /api/. When i try to connect to the pocketbase admin panel the browser shows some 404 and a ContentSecurityPolicy Error. It looks like this:
It also seems to be that some HTML is loaded from Pocketbase.
This is my current ngnix config (i replaced my domain with test.com)
server {
listen 80;
listen 443 ssl;
server_name test.com;
ssl_certificate /etc/letsencrypt/live/test.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/test.com/privkey.pem;
location / {
try_files $uri $uri/ /index.html;
root /var/www/html;
index index.html;
}
location /api/ {
# check http://nginx.org/en/docs/http/ngx_http_upstream_module.html#keepalive
proxy_set_header Connection '';
proxy_http_version 1.1;
proxy_read_timeout 360s;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://127.0.0.1:8090;
}
}
Pocketbase is started with the default localhost settings on the VPS.
I can even access pocketbase over http://127.0.0.1:8090/api/ when i'm connected via SSH in VS Code and see the requests in the log. (i am surprised that this is even possible. At first i tought i had pocketbase running on my local machine but when i killed the backend on my vps i couldn't access it anymore)
I hope that somebody can help me out as i can't find much about this in the internet.
Problem solved. It works when append a / to the address at the proxy_pass directive
proxy_pass http://127.0.0.1:8090/;

Trying to activate an nginx website on Raspbian on port 8000

I've managed to install nginx and bring up a website on port 81 (port 80 is blocked by my isp). I am trying to enable a second website on port 8000 with someone elses code. My test website was much simpler as I only had to put:
server {
listen 81;
root /var/www;
index index.html;
}
If I go to [http://127.0.0.1:81] in a browser, I will get the above website.
The second website is a bit more complicated and I'm not getting nginx to forward requests on port 8000. I have the second website in /var/www/website2. If I type [http://127.0.0.1:8000], I get "page not found. However, if I type [http://127.0.0.1:81/website2], then I get the website.
I have both sites available and enabled and I have a website2.cfg file located in /etc/nginx/.
Here is the content of the website2 file located in sites-available:
server {
server_name localhost;
auth_basic "Private Site";
auth_basic_user_file .htpasswd;
location / {
root /var/www;
index index.html ;
}
location /captures/ {
root /var/www;
}
location /api/ {
proxy_pass http://localhost:8000;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /video {
proxy_pass http://localhost:8002;
proxy_redirect off;
proxy_buffering off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
Here is the content of the website2.cfg file located in /etc/nginx/:
[DEFAULT]
# Root directory of the service
root=/var/www/website2
[main]
logFile = /var/log/website2/website2.log
[web]
# Relative URL path to the captured images. Must match what is configurd in nginx, which much
match the directory specified in the [camera] section
capturePath=/captures
# Port on which the web server will listen
port=8000
[camera]
# The number of captured images to retain before pruning old ones
capturesToRetain=100
# The directory to store captured images. Please make sure this matches what was specified in the
[web] section
captureDir=%(root)s/captures
# The port on which the motion program listens for HTTP commands
motionControlPort = 8001
# The port on which the motion program streams video
motionStreamPort = 8002
If I can get this website serving on port 8000, I should be able to get the rest of the site working. Any help would be appreciated.

Nginx proxy_pass, define a non-match case?

I've got 2 files with proxy_pass :
server {
listen 80;
server_name www.domain1.fr;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header HOST $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://127.0.0.1:2368;
proxy_redirect off;
}
}
and
server {
listen 80;
server_name www.domain2.fr;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header HOST $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://127.0.0.1:2369;
proxy_redirect off;
}
}
They both work fine.
Now, if I go to this server through another domain name (defined on my DNS server targeting the same IP address), eg. www.domain3.fr, instead of a 404, I've got the same result as www.domain2.fr !
I guess it's because of the last location /, but how can I do a 404 error if the domain name is not the same than server_name ?
I've answered this question so many times I'm thinking of finding a way to make it generic so I could share it when there's a question is asked.
Here's the other answers if you would like to look at it
Nginx Subdomain accessible on subdomain its not configured for
nginx subdomain ssl redirect redirects top level domain
nginx reverse proxy redirecting to wrong domain
you can read on any one why this is happening, on this reference link How nginx processes a request
Simple answer is a small server block to prevent it
server {
listen 80 default_server;
# return a code maybe or do any thing
return 404;
}
of course reload nginx after that to reflect the settings.
Well, I had to add a new config :
server {
listen 80 default_server;
server_name _;
access_log off;
return 404;
}
To be a "catch all".
Source : NGINX multiple server blocks with reverse proxy

How to configure nginx rules so that if one failed it serve the request using another

Note, this question is moved to stackoverflow from superuser
I got the following nginx conf:
server {
listen 80;
listen 443 ssl;
...
# specific rule to serve versioned js resources
location ~ ^/js/([0-9\.]+)/(.*)$ {
alias /opt/x/public/deploy/js/$1/$2;
}
location / {
add_header P3P 'CP="CAO PSA OUR"';
proxy_pass http://127.0.0.1:8088;
set $ssl off;
if ($scheme = https) {
set $ssl on;
}
proxy_set_header X-Forwarded-Ssl $ssl;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
}
}
It works as expected. However if a certain versioned js resource does not exists in the deployed dir, say /opt/x/public/deployed/js/1.1/, it will return 404. What I want is in that case nginx shall pass the request to the backend service running at 8088 port instead of returning 404. Is this even doable?
Thanks!
Green
http://wiki.nginx.org/HttpCoreModule#try_files
try_files is your friend, here you can do the order you want to try files and finaly have the proxypass upstream.

nginx subdomain to directory , too many redirect , why?

this is my config:
server {
listen 80;
server_name ~^(?<sb>.+)\.a\.b\.c\.com$;
access_log /data/logs/nginx/tas.access.log main;
location / {
proxy_intercept_errors on;
proxy_pass http://b.c/a/$sb/;
proxy_set_header Host $host;
proxy_redirect off;
}
}
and browser report to many redirects.
If, as you say, you want to proxy to localhost:8082, you need to say so in the proxy_pass line:
server {
listen 80;
server_name ~^(?<sb>.+)\.a\.b\.c\.com$;
access_log /data/logs/nginx/tas.access.log main;
location / {
proxy_intercept_errors on;
proxy_pass http://localhost:8082/a/$sb/;
proxy_set_header Host $host;
proxy_redirect off;
}
}
Without all of the information, it's hard to guess what's going on. Based on the comments, my guess is that you are using virtual hosting so that the upstream site is also served by the same nginx. So this line is the problem:
proxy_set_header Host $host;
The nginx variable $host is pointing to the current Host header (which matches the server_name). So if you set the same host header for the upstream again, then nginx will find the same location block above because nginx relies on the Host header to find the proper server. Thus the redirect loop.
Set
proxy_set_header Host your_upstream_server_name
will fix it then.

Resources