Can not proxy assets requests to file storage with nginx - nginx

I am trying to proxy requests to digital-ocean space storage, example: GET http://example.com/download/image_id.jpg ---> https://bucket-name.fra1.cdn.digitaloceanspaces.com/images/image_id.jpg, but I get
<Error>
<Code>NoSuchBucket</Code>
<BucketName>example.com</BucketName>
<RequestId>tx000000000000018d441fd-005d582ff2-1b7a15-fra1a</RequestId>
<HostId>1b7a15-fra1a-fra1</HostId>
</Error>
Here is my full configuration:
server {
listen 80;
listen [::]:80;
root /var/www/example.com/html;
index index.html index.htm index.nginx-debian.html;
server_name example.com www.example.com;
location / {
proxy_pass http://localhost:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
location /download/ {
proxy_pass https://bucket_name.fra1.digitaloceanspaces.com/images$request_uri;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
resolver 8.8.8.8;
}
}
I have already tried different options with/without trailing slash, but after reading docs carefully, I think now it is optimal, configuration,
also I tried to debug where I am proxied replacing
proxy_pass https://bucket_name.fra1.digitaloceanspaces.com/images$request_uri;
with
proxy_pass https://google.com/images$request_uri;
and it gave me what I expected.
According to docs, what I want to do looks like this:
location /download/ {
proxy_pass https://bucket_name.fra1.digitaloceanspaces.com/images;
...
So that download part is replaced with images, but, it didn't work.
At the moment (after debugging with google) I am almost confident that url after proxie_pass is equal to https://bucket_name.fra1.digitaloceanspaces.com/images/image_id.jpg, so maybe the key problem is in wrong approach to "spaces"
P.S. I'm open to advices about better way to log/debug proxy_pass value .

So... proxy_set_header Host $host;was breaking everything. Removing it fixed proxing.

Related

NGINX as reverse proxy to serve paths directly via url

I am looking to configure nginx to serve following requirement
We are serving individual websites at www.company.com/mywebsites and want to use nginx as reverse proxy to serve the same website on custom URL e.g www.mywebsites.com
I have configured dns of mywebsites.com to point to nginx server and following code block serves the home page of www.company.com
server {
server_name www.mywebsites.com;
location / {
proxy_pass http://127.0.0.1:9002;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
however i am struggling to get the part of redirecting www.mywebsites.com to the www.company.com/mywebsites path. I have tried added proxy_redirect but that didn't help and also trying to add path in the proxy_pass doesn't work either as it then tries to fetch all of the components using www.company.com/mywebsites/required/componenets.css which results in 404 as the correct path is www.company.com/required/componenets.css
You might need to do this change:
server {
server_name www.mywebsites.com;
location / {
rewrite /mywebsites/(.*) /$1 break;
proxy_pass http://127.0.0.1:9002;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_redirect off;
}
}
However, I truly recommend that this issue to be fixed from the site code itself (I don't know what the site is developed with), as this might have unknown side effects on some URLs.

NGINX internal redirect from uri path to JSF context root

I'm configuring a cloud server which use NGINX as reverse proxy to serve different applications on different URI (all the applications are on the same wildfly standalone instance).
To be more specific i've a JSF application with a contextroot, let's say, /jsfcontext and i've set up a NGINX location like /mypublicuri.
What happens is that when I navigate to https://myserver.com/mypublicuri/index.xhtml i receive the following error:
/mypublicuri/index.xhtml Not Found in ExternalContext as a Resource.
I'm pretty sure it's related to a missing internal redirect route or some kind of "hack" that i need to specify in order to make everything work but i'm a newbie in NGINX and I don't know how to properly set everything up.
Thanks for the help
Cheers
Read NGINX documentation but my lack of english knowledge makes difficoult to understand what should I have to do
My actual NGINX config
server {
server_name myserver.com www.myserver.com;
access_log /usr/share/logs/access.log;
error_log /usr/share/logs/error.log;
location / {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_intercept_errors on;
location /anotherworkingapp {
add_header Allow "GET, POST, HEAD, PUT, DELETE" always;
proxy_pass http://127.0.0.1:8080$request_uri;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
}
location /mypublicuri {
proxy_pass http://127.0.0.1:8080/jsfcontext$request_uri;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
}
}
}

Nginx serves root of one subdomain instead of root of another subdomain

I have two subdomains, app.mydomain.com and v1.api.mydomain.com, pointing to the same IP. I want app.mydomain.com to be proxied to localhost:5000 and v1.api.mydomain.com to be proxied to localhost:1337.
The following configuration does it (app.mydomain.com/... is served by localhost:5000 and v1.api.mydomain.com/... is served by localhost:1337) except for one thing: the root of v1.api.mydomain.com (with or without a trailing slash) isn't served by localhost:1337, it is served by localhost:5000 (app.mydomain.com) and therefore it doesn't display what I expect. How is this possible?
My first configuration file in sites-enabled:
server {
listen 80;
server_name app.mydomain.com;
location / {
proxy_pass http://localhost:5000/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
My second configuration file in site-enabled:
server {
listen 80;
server_name v1.api.mydomain.com;
location / {
proxy_pass http://localhost:1337/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
To make sure that the problem wasn't a redirection of some sort by the server running on localhost:1337, I shut it down and the problem is still there, so it really is something with my nginx configuration. Thanks for helping.

Proxy_pass to url NGINX with a Meteor Server

I have configured a meteor server and setup the nginx configuration. The route works however when configuring dynamic subdomains to point to a specific part of the web app it produces a 404 error on the browser when loading the meteor file.
I am attempting to direct all *.domain.com to http://localhost:3000/booking/
My configuration is:
server {
server_name *.domain.com;
listen 80;
location / {
proxy_pass http://localhost:3000/booking/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade; #for websockets
proxy_set_header Connection $connection_upgrade;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
}
}
The 404 occurs in the Meteor JS file.
If I remove the above nginx subdomain configuration and go to a subdomain it works perfectly, loading the route application. I assume I am missing something to load the application correctly.
The issue only occurs when I proxy_pass to a route within the URL <url>/booking
There are different ways of solving the issue.
1 - In case of 404 try a fallback option without booking in url
server {
server_name *.domain.com;
listen 80;
location / {
proxy_pass http://localhost:3000/booking/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade; #for websockets
proxy_set_header Connection $connection_upgrade;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
error_page 404 = #fallback;
}
location #fallback {
proxy_pass http://localhost:3000/$request_uri;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade; #for websockets
proxy_set_header Connection $connection_upgrade;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
}
}
2 - Have a separate block for js and css
server {
server_name *.domain.com;
listen 80;
location / {
proxy_pass http://localhost:3000/booking/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade; #for websockets
proxy_set_header Connection $connection_upgrade;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
}
location ~ \.(js|css|font)$ {
proxy_pass http://localhost:3000/$request_uri;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
}
}
I have a similar setup, where I have configured different Meteor applications on several subdomains plus a static website on the domain root, all pointing interlly to different ports.
Here is my setup step by step.
Folder structure, location and proxy pass
First thing to think about is the folder strucutre. Depending on your subdomain's VHost-root directory there is a relative path to your subdomain's application folder.
Imagine the following setup:
/www (dir, usually under /var)
/domain (dir)
/websitexy (dir, a static website is deployed under this dir)
/subdomain (dir)
/books (dir, subdomain app is deployed under this dir)
For such a setup I made my nginx config to point to the app's location within the subdomain:
location /books {
I had a similar issue when first time starting my app. One thing I found out is, that my config worked, when setting proxy_pass on my private ip/port combination:
proxy_pass http://172.x.x.x:3000;
This also involves to remove the route name (/books) adter the port number on this entry. Now your proxy pass involves all routing within your subdomain.
Note on routing
Note, that there can be confusion about routing here. By setting the location property you set the routing on the nginx level (server's directory structure), which is why there is no route within your proxy pass.
Your application may have it's own internal routing defined. It is important, that you app's internal router retrieves all requests based from it's application ur root. This is why it is important to have the proxy pass not to include any path after the port number.
Websocket
I have read some articles on nginx and websocket connections. Basically my initial settings came from this article and looked like from this documentation article:
location /app {
proxy_pass 172.x.x.x;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
I also had to add a proxy_read_timeout and proxy_send_timeout because there was an issue with the websocket protocol otherwise:
By default, the connection will be closed if the proxied server does
not transmit any data within 60 seconds. This timeout can be increased
with the proxy_read_timeout directive
So I also set the timeout values:
proxy_read_timeout 36000s;
proxy_send_timeout 36000s;
proxy_set_header Connection "upgrade";
Read more on this here and here.
Summarizing my setup looks like the following (using your app credentials):
location /books {
proxy_pass http://172.x.x.x:3000;
proxy_http_version 1.1;
proxy_read_timeout 36000s;
proxy_send_timeout 36000s;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
}
So to solve your case, you may check on your vhost directory (the one where your app is deployed, see folder structure above) and change your location and proxy_pass setting accordingly.
If this is not working, you may need to add some more output of your errors, e.g. a excerpt of the log when attempt to connect.

NGINX redirecting to root for escaped_fragment URI

I have a very weird situation where NGINX (used as proxy for node app) is redirecting all ?_escaped_fragment_= to root (/) when using https://domain.com?_escaped_fragment_=/app/someurl BUT when I use https://dev.domain.com?_escaped_fragment_=/app/someurl all works fine.
Just want to make it clear that prerenderer works well and I have tested it both directly on machine as well as using dev subdomain.
I can give the original URL for those that would like to check things live.
Thanks a million guys :)
server {
server_name domain.com www.domain.com;
listen 80;
return 301 https://domain.com$request_uri;
}
server {
server_name domain.com;
listen 443 ssl;
ssl_certificate /etc/nginx/ssl/***.crt;
ssl_certificate_key /etc/nginx/ssl/***.key;
location / {
proxy_pass http://x.x.x.x:4567;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
server {
server_name dev.domain.com;
location / {
proxy_pass http://x.x.x.x:4567;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
For those of you who had a similar experience maybe also with apache please note that it's not NGINX but the app where you need to specify to the prerender middleware .set('protocol', 'https'));
protocol
Option to hard-set the protocol. Useful for sites that are available
on both http and https.
app.use(require('prerender-node').set('protocol', 'https'));

Resources