How to assign subdomain location to subpath in Nginx? - nginx

I'm setting up reverse proxy settings of two apps hosted on the same Digital Ocean droplet. Reverse proxied by Nginx.
A pure front-end app (localhost:3000) on example.com
A Strapi API (localhost:1337) on api.example.com
The Strapi admin dashboard (localhost:1337/admin) on admin.example.com
For the moment, i tried to basically have a admin.example.com file in my /sites-available/ folder which have a location binded to localhost:1337/admin
// nginx/sites-available/admin.francoisglevarec.com
server {
listen 80;
root /var/www/admin.francoisglevarec.com;
index index.html index.htm index.nginx-debian.html;
server_name admin.francoisglevarec.com www.admin.francoisglevarec.com;
location / {
proxy_pass http://localhost:1337/admin;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
The problem is that every request are returning 404 and the app is crashing. If i remove the /admin from proxy_pass http://localhost:1337/admin it takes me obviously to the wrong location but everything works when i navigate to admin.example.com/admin. But the idea here is to get rid of the /admin.
Thank you everyone

Related

How to remove https port after redirect on nginx from asp.net app

I'm using an asp.net core app that calls the function app.UseHttpsRedirection(); and app.UseHsts();.
I can host the app on ubunto server on port 5000 for http and 5001 for https.
Now I need to host this with ngnix. This is my config:
server {
listen [::]:443 ssl default_server;
root /var/www/html;
index index.html index.htm index.nginx-debian.html;
server_name myServername;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
# try_files $uri $uri/ =404;
}
location / {
proxy_pass http://localhost:5000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
}
Now when I call my page, it forwards me to https://myServername:5001. I need to change this port to be the standard port of https 443.
How should it be done?
Please note, that I have added my certificate there in the asp.net application.
I could solve it. My mistakes were:
No need to load the certificate in the asp.net app at the start.
Remove app.UseHttpsRedirection(); from the code.
Load the certificate at the ngnix server.
Following link is helpful:
https://github.com/tonysneed/Demo.AspNetCore-Nginx-Ssl
I was pointing to plain http localhost:5000 with nginx, as always, then was using certbot to secure connection. I have no idea why, but propably after .Net update it started to redirect from my domain to ***.5001 and of course throws error.
App was working with same settings for 1 year, and had no problem. I have checked it also in git history, there was app.UseHttpsRedirection();.
I rolled back, checked, it started working, and ran dotnet update last night again, and it caused problem of 307 redirect.
I have no idea why two versions of .Net works different but /*app.UseHttpsRedirection();*/ did the trick.

Using reverse proxy to expose code-server to the internet

I have installed code-server on my Plesk VPS, and i was wondering how to expose it to the outside world using a reverse proxy.
Currently code-server is bound to 127.0.0.1:8080, and if i use wget via SSH i get the expected page.
How do i go about exposing code-server to the internet (using reverse proxy) on Plesk/CentOS
I’ve tried using vhost_nginx.config file but to no luck
location ~ / {
proxy_pass http://localhost:8080;
proxy_read_timeout 90;
}
You can try using my nginx config, change app URL and app port if needed, put it in /etc/nginx/sites-available than use symlink to /etc/nginx/sites-enabled, and don't forget to restart nginx.
server {
listen 80;
server_name example.com; #change app url
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:8080; #change app port
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# location /overview {
# proxy_pass http://127.0.0.1:8080$request_uri; #change app port
# proxy_redirect off;
# }
}
}

How to setup a Nginx reverse proxy for an ASP.NET app URL

I have an ASP.NET based app (on IIS8); which loads perfectly when visiting it directly at: http://localhost:89/files
When I visit my ngnix reverse proxy URL: http://localhost/files, instead of loading the webpage, the file Login.aspx is downloaded by the web browser. I don't have any issues with reverse proxying the root domain (for regular HTML webpages).
I would like to resolve this issue without modifying my ASP.NET app if at all possible. Below, is the configuration I'm using in nginx.conf:
server {
listen 80;
server_name localhost;
location / {
root "C:\inetpub\wwwroot";
index index.html index.htm;
}
location /files {
proxy_pass http://localhost:89/files/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
Maybe, there's something I need to change on my Web.config file for the ASP.NET app?

Access a web app (ASP.NET) from another machine using nginx

Well, here we go.
I have an instance in Azure with ubuntu and I'm trying to access an web application out of this machine (Not LocalHost).
First I've installed all dotnet things to make a test application and runned
dotnet new mvc
I check inside Azure machine localhost:5000 and this app test work well.
Then I installed nginx to access my application remotelly. When I access the public IP I can see a page of nginx.
nginx Page
I've try to config thousand times to when I access the public IP the nginx redirect to my web app running in Azure Localhost.
One configuration I've try was
/etc/nginx/sites-enabled
server {
listen 80;
location / {
proxy_pass http://localhost:5000;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
Any Idea to make this works?
Sry for bad english
You have missed server_name parameter.
And if that's the only one config in config dir, then also add default_server option to listen directive, like this:
server {
listen 80 default_server;
server_name my.domain.com;
location / {
proxy_pass http://localhost:5000;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
Change my.domain.com to appropriate FQDN of your Azure instance, so that you can make requests not only by entering IP address in browser, but also with a host name.
And make sure that you have included that config in nginx.conf file, like:
include /etc/nginx/sites-enabled/*;
Hope it will help you to figure out.

Subdomain with SSL certificates can't be reached

I have an asp net core application running in a Linux server on a Google Cloud engine. The home page is displayed perfectly, but when I click a button to navigate to a subdomain I get "This site can’t be reached" with "ERR_NAME_NOT_RESOLVED". I don't see any errors in the application log so I suppose the call can't even reach the application.
When the application is running on a local Windows machine all the subdomains are able to reach and completely working.
I've tried running the application in an local Linux machine and the results are the same. Everything is working fine.
On the server subdomain are only able to reach when there is no SSL certificate requested for.
For example when I create a subdomain: subdomain.example.com am I able to reach it. With this working I requested a certificate for the current subdomain. This is working aswell and the subdomain is currently secured. But when I create a new subdomain and repeat the previous steps the earlier subdomain isn't working anymore but the new subdomain is.
Beside all this subdomains are working perfectly when no certificate is requested but then are the subdomains "unsecured".
The certificates are requested using GoDaddy.
This is the Nginx configuration:
server {
server_name example.com *.example.com;
location / {
proxy_pass https://localhost:5001;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /activityhub {
proxy_pass https://localhost:5001;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
location /votehub {
proxy_pass https://localhost:5001;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
listen 443 ssl;
ssl_certificate /root/letsencrypt/dehydrated/certs/example.com/fullchain.pem;
ssl_certificate_key /root/letsencrypt/dehydrated/certs/example.com/privkey.pem;
}
server {
if ($host = example.com) {
return 301 https://$host$request_uri;
}
}
The idea is a site where users can create different subdomains for their organisations. So when a user presses a button they can create a subdomain: organisation.example.com to display their own organisation. The application creates at this moment a subdomain on https://organisation.localhost:5001. Now this should automatically be display secured on the website with dns like "https://organisation.example.com. The domains requested for the SSL certificate are example.com and *.example.com
I expect to get all the subdomains working with SSL certificate without subdomains being unsecure or unreachable. All those subdomains should be working with wildcards.

Resources