I have Shiny Server working ok on my URL, but am having trouble accessing the apps from a secure connection.
I used Certbot to install the SSL certificate, and followed Step 3 in this guide to set up the reverse proxy.
Entering my URL into a browser now brings me directly to the https site with the default "Welcome to Shiny Server!" page (ie my server ip at port 3838). All the text is there ("If you're seeing this page, that means Shiny Server is installed...etc").
The problem is that the sample apps are not showing - they both return '404 Not Found'.
My nginx server file (nginx/sites-available/shiny-server) looks like this:
server {
listen 80 ;
listen [::]:80 ;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name myURL.com; # managed by Certbot
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/myURL.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/myURL.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
proxy_pass http://server.ip.address:3838/;
proxy_redirect http://server.ip.address:3838/ https://$host/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_read_timeout 20d;
}
}
I've tried modifying the location section numerous ways based on other answers on Stack Overflow and elsewhere (eg here) but nothing resolved the issue.
I added the following the bottom of nginx.conf:
# Map proxy settings for RStudio
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
and my shiny-server.conf looks like this (default):
# Instruct Shiny Server to run applications as the user "shiny"
run_as shiny;
# Define a server that listens on port 3838
server {
listen 3838;
# Define a location at the base URL
location / {
# Host the directory of Shiny Apps stored in this directory
site_dir /srv/shiny-server;
# Log all Shiny output to files in this directory
log_dir /var/log/shiny-server;
# When a user visits the base URL rather than a particular application,
# an index of the applications available in this directory will be shown.
directory_index on;
}
}
The apps work fine if I go to http://my.server.ip:3838 or http://myURL.com:3838, but not if I go to https://myURL.com or http://myURL.com (Shiny Server page loads in both cases but the sample apps are 404).
Okay, it turns out the line try_files $uri $uri/ =404; was causing the problem. Commented that out and all is well.
Related
OK, this 502 error is from something different than the other related articles here.
first i managed to setup a v2ray system using ubuntu 22.
I have a domain and a cloudflare account to set DNS for my domain and a 'sub' subdomain connected to my server ip, all set as it should be.
equipped with SSL cert & key using certbot on linux and works ok, website comes up with https just fine.
dns proxy and websocket check are both enable in CF(CloudFlare).
also im using reverse DNS like the famous tutorials saying, so i've edited the /etc/nginx/sites-available/sub.domain.com to become like this:
server {
# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name sub.domain.com;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
location /subf1 {
if ($http_upgrade != "websocket") {
return 404;
}
location ~ /subf1/\d\d\d\d\d$ {
if ($request_uri ~* "([^/]*$)" ) {
set $port $1;
}
proxy_redirect off;
proxy_pass http://127.0.0.1:$port/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
return 404;
}
# pass PHP scripts to FastCGI server
#
#location ~ \.php$ {
# include snippets/fastcgi-php.conf;
#
# # With php-fpm (or other unix sockets):
# fastcgi_pass unix:/run/php/php7.4-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/sub.domain.com/fullchain.pem; # mana>
ssl_certificate_key /etc/letsencrypt/live/sub.domain.com/privkey.pem; # ma>
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = sub.domain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name sub.domain.com;
return 404; # managed by Certbot
}
also, have the x-ui v2ray panel installed and everything is setup just right here is a sample vless connection which i used to create normally and worked fine till yesterday:
the 9988 port is defined from x-ui v2ray management panel on the server.
everything was fine until i removed the x-ui panel and installed another version.
since then i cannot make the connections work, no matter what the v2ray client gives this series of errors:
app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/websocket: failed to dial WebSocket > transport/internet/websocket: failed to dial to (wss://<ip>/subf1/40234): 502 Bad Gateway > websocket: bad handshake] > common/retry: all retry attempts failed
proxy/http: failed to read response from 149.xx.xx.xx:80 > io: read/write on closed pipe
some things i did to resolve this are:
restarting nginx
rebooting the server
re-installing the x-ui panel (various versions)
rebuilding the server
changing the subdomain
changing the sub domain + changing the server and gettin a different ip
and SSL is being set just fine with CF SSL selected at Full.
any kind of help and suggestion is so appreciated.
My NextJs application is reachable under https://xyz.pizza/ but doesn't work. For example, if you search for degods, nothing happens when pressing enter.
BUT if you go to the site via http://65.21.252.133:3000/ or http://xyz.pizza:3000/ then everything works fine.
I have completely no idea what causes this issue.
The source code of the project is on GitHub: https://github.com/basti394/nft-research
It's hosted on Hetzner Cloud and runs on NodeJs with Tmux.
My Nginx config:
server { # simple reverse-proxy
server_name xyz.pizza www.xyz.pizza;
location /neo4j {
proxy_pass http://127.0.0.1:7474/browser;
}
location = / {
proxy_pass http://127.0.0.1:3000;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/xyz.pizza/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/xyz.pizza/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
If you need any more information then just ask :)
It's probably due to a missing / at the end of the proxy_pass rule.
location = / {
proxy_pass http://127.0.0.1:3000/;
}
I resolved the issue by removing the = from the location signature.
I also tried it without the trailing / at http://117.0.0.1:3000 and it works as well.
So the location declaration in nginx.conf should look something like this:
location / {
proxy_pass http://127.0.0.1:3000/;
}
I'm having trouble deploying Wordpress in a subdomain where the main domain is running a different app (Shiny server). For the purpose of the question, my-domain.com is the main domain, and the location where I would like to deploy the Wordpress site is my-domain.com/blog. This is the current configuration file I have (in /etc/nginx/sites-available/my-domain.com symlinked into sites-enabled):
server {
root /var/www/my-domain.com; # Wordpress directory
server_name my-domain.com www.my-domain.com;
index index.html index.htm index.nginx-debian.html index.php;
## Shiny server
location / {
proxy_pass http://MY_IP:SHINY_SERVER_PORT;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
## Wordpress subdomain location
location /blog {
try_files $uri $uri/ /index.php$is_args$args;
location ~ /\.ht {
deny all;
}
## Wordpress restrictions
location = /blog/favicon.ico { log_not_found off; access_log off; }
location = /blog/robots.txt { log_not_found off; access_log off; allow all; }
location ~* \.(css|gif|ico|jpeg|jpg|js|png)$ {
expires max;
log_not_found off;
}
}
## Added PHP config locations for MySQL/WP
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
## SSL configuration added by certbot
# listen [::]:443 ssl ipv6only=on; # commented out as the server is not ipv6
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/my-domain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/my-domain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.my-domain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = my-domain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name my-domain.com www.my-domain.com;
return 404; # managed by Certbot
}
The previous version of this site was only Shiny server, and I have a fairly good understanding the configuration works for running just that app under the main domain. For reference, the additional bits were added based on this tutorial. The above configuration runs the Shiny server app just fine on my-domain.com, but when I navigate to my-domain.com/blog, the following "broken" version of Wordpress appears:
I've verified that I have configured Wordpress correctly as well: it works if I comment out the proxy_pass through proxy_set_header lines and add the try_files line to the main location / block and remove the location /blog block). I believe my issue is a misunderstanding of both the var/www directory, no knowledge of php, and a general amateur understanding on Nginx overall. What am I doing wrong here? This question seems to be close to accomplishing what I want, but after implementing this, my-domain.com/blog downloads a php file instead of loading anything. Please let me know if I can provide any additional information - I'm at a loss. Thanks!
In case anyone is curious, I figured this out. I was quite close, but a few things were off.
1.) The Wordpress files were located in the main /var/www/my-domain.com directory, but they needed to be moved to a corresponding subdirectory that lined up with the extension I was trying to move Wordpress to. In this case: /var/www/my-domain.com/blog.
2.) After this, the Nginx configuration from my original question needs to be updated as follows:
From:
## Wordpress subdomain location
location /blog {
try_files $uri $uri/ /index.php$is_args$args;
To:
## Wordpress subdomain location
location /blog {
try_files $uri $uri/ /blog/index.php$is_args$args;
3.) Additionally, and I'm not sure if this matters, but my original root directory was set as /var/www/my-domain.com, and I changed this to /var/www/my-domain.com/. This might not matter at all, but that's the only other thing I can see that's different.
Simple things really that in hindsight seem kind of obvious, but my knowledge of Nginx just wasn't quite there. Anyway, hope this helps anyone who stumbles on this.
I'm struggling with a NGINX based web app , i need to find its root directory that's being served. Its a subdomain and a simple nano /etc/nginx/sites-available/app.refridge.com it has the following contents.
##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# http://wiki.nginx.org/Pitfalls
# http://wiki.nginx.org/QuickStart
# http://wiki.nginx.org/Configuration
#
# Generally, you will want to move this file somewhere, and start with a clean
# file but keep this around for reference. Or just disable in sites-enabled.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##
# Default server configuration
#
server {
listen *:80;
server_name app.refridge.com;
location / {
rewrite ^ https://$server_name$request_uri? permanent;
}
}
server {
listen *:443 ssl;
server_name app.refridge.com;
access_log /var/log/nginx/app.refridge.com-access.log;
error_log /var/log/nginx/app.refridge.com-error.log;
# SSL configuration
ssl_certificate /etc/nginx/ssl/STAR_refridge_com-bundle.crt;
ssl_certificate_key /etc/nginx/ssl/star_refridge_com.key;
# listen 443 ssl default_server;
There's no root defined even for port 80 and 443 but still the website loads. I mean is there anything i'm missing i need to find the files and do a backup thats why.
Any help would be appreciated.
P.S it's a DigitalOcean droplet.
**UPDATE: ** I think there a reverse proxy setup
location / {
proxy_pass http://127.0.0.1:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header X-Forwarded-For $remote_addr;
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
# try_files $uri $uri/ =404; }
Assuming 3000 port so this is a node.js application but still there should be files which i can access and do a backup.
Thanks
I want to access grafana from my browser and make it available publicly. However, I am receiving the following error:
If you're seeing this Grafana has failed to load its application files
1. This could be caused by your reverse proxy settings.
2. If you host grafana under subpath make sure your grafana.ini root_url setting includes subpath
3. If you have a local dev build make sure you build frontend using: yarn start, yarn start:hot, or yarn build
4. Sometimes restarting grafana-server can help
I tried going through some issues and added the domain name in the grafana's settings. My NGINX is perfect and as per the documentation. In fact, everything was working well. The problem is in the anonymous session i.e. if I try to load this in no-user mode, it doesn't load. In the logged-in mode, it loads but without all the dashboards that I had created.
My NGINX conf is as follows:
proxy_cache_path /var/nginx/cache levels=1:2 keys_zone=grafana_cache:10m max_size=20g
inactive=60m use_temp_path=off;
server {
server_name foo.bar www.foo.bar;
location / {
proxy_cache grafana_cache;
proxy_pass http://127.0.0.1:3000;
include /etc/nginx/proxy_params;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/foo.bar/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/foo.bar/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.foo.bar) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = foo.bar) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name foo.bar www.foo.bar;
return 404; # managed by Certbot
}
I expect the grafana dashboard to be working with and without the user logging in.
I removed the hash_bucket_size set to 64 in my nginx.conf and got it working.