Can't connect to application through External IP.
I started gerrit code review application on GCP's vm instance(CentOS 7).
It works on http://localhost:8080 and I can't connect to it through external IP. Also I tried to create NGINX reverse proxy, but probably my configuration is wrong. By the way after installing NGINX, the starter page were shown on external ip.
# nginx configuration /etc/nginx/conf.d/default.conf
server {
listen 80;
server_name localhost;
auth_basic "Welcomme to Gerrit Code Review Site!";
location / {
proxy_pass http://127.0.0.1:8080;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
}
}
gerrit.config
[httpd]
listenUrl = proxy-http://127.0.0.1:8080/
You use localhost as a server_name. I think that may cause conflict, because you connect to your server externally. You don't need server_name, cause you are going connect to your server by ip. And I recommend you enable logs in your nginx config. It will help you with bug fixing.
I recommend you try this config:
server {
listen 80;
access_log /var/log/nginx/gerrit_access.log;
error_log /var/log/nginx/gerrit_error.log;
location / {
proxy_pass http://127.0.0.1:8080;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
}
}
add a line in /etc/hosts
127.0.0.1 internal.domain
Update proxy config
proxy_pass http://internal.domain:8080;
It works with me
Related
I have multiple servers running on the same host. I am trying to configure nginx to route traffic based on the server_name, but all traffic is sent to the first defined server.
I have two urls:
example.domain.net
domain.net
which I have configured nginx to proxy with configuration:
server {
listen 3978;
listen [::]:3978;
server_name example.domain.net:3978 example.domain.net:3978;
location / {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass https://127.0.0.1:8443;
}
}
server {
listen 3978;
listen [::]:3978;
server_name domain.net:3978 www.domain.net:3978;
location / {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass https://127.0.0.1:8020;
}
}
But all traffic to both example.domain.net:3978 and domain.net:3978 is being sent to whichever server is defined first in the file (in this case example.domain.net)
I've seen other examples where this worked like This post. Is this possible with one having a subdomain and another not?
I am using nginx version 1.18.0 with the default nginx.conf on Ubuntu 18.04
server_name should not have ports. Try removing :3978 from the server_name.
Because you have the ports, the hostname does not match any of the server_name. So, the entire traffic is sent to the first server which is considered as a default for no matches.
Well, here we go.
I have an instance in Azure with ubuntu and I'm trying to access an web application out of this machine (Not LocalHost).
First I've installed all dotnet things to make a test application and runned
dotnet new mvc
I check inside Azure machine localhost:5000 and this app test work well.
Then I installed nginx to access my application remotelly. When I access the public IP I can see a page of nginx.
nginx Page
I've try to config thousand times to when I access the public IP the nginx redirect to my web app running in Azure Localhost.
One configuration I've try was
/etc/nginx/sites-enabled
server {
listen 80;
location / {
proxy_pass http://localhost:5000;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
Any Idea to make this works?
Sry for bad english
You have missed server_name parameter.
And if that's the only one config in config dir, then also add default_server option to listen directive, like this:
server {
listen 80 default_server;
server_name my.domain.com;
location / {
proxy_pass http://localhost:5000;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
Change my.domain.com to appropriate FQDN of your Azure instance, so that you can make requests not only by entering IP address in browser, but also with a host name.
And make sure that you have included that config in nginx.conf file, like:
include /etc/nginx/sites-enabled/*;
Hope it will help you to figure out.
I have configured nginx on an EC2 instance.
I am running rabbitmq-management which is running on port 15672 and is accessible using the IP address of the instance.
http://ip-address:15672
I do not want to allow access using the IP address and want to use my domain but using the same port as
http://utils.example.com:15672
For that, I tried to configure the nginx server with configuration
upstream rabbitmq_server {
server localhost:15672;
}
server {
listen 15672 ssl;
server_name utils.example.com;
location / {
proxy_pass http://rabbitmq_server/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Protocol $scheme;
}
}
But, this is giving error on starting the nginx server as
[emerg] 7476#7476: bind() to 0.0.0.0:15672 failed (98: Address already in use)
When I change the port to listen 15673, it works and is accessible using the domain also but is accessible using the IP address also.
How can I use the same internal IP on which application is running to be accessible from http://utils.example.com?
How can I disable direct access from the IP address and restrict access to domain/sub-domain only?
You could use an IF and check the $host variable inside the location, you can find the IF guide for nginx here
https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/
Result would be similar to this one
upstream rabbitmq_server {
server localhost:15672;
}
server {
listen 15672 ssl;
server_name utils.example.com;
location / {
if ($host = utils.example.com) {
proxy_pass http://rabbitmq_server/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Protocol $scheme;
}
}
}
1)How can I use the same internal IP on which application is running to be accessible from http://utils.example.com?
You can't have those 2 applicacions (nginx and rabbit) listening to the same port.
sending a petition to ip: http://utils.example.com:15672 and http://ip:15672 is the same (not exactly, but for the example it will work).
My recomendation:
Change rabbitmq port to another one, lets say 15673. and set the nginx config like this:
upstream rabbitmq_server {
server localhost:15673;
}
server {
listen 15672 ssl;
server_name utils.example.com your_ip_numbers;
location / {
proxy_pass http://rabbitmq_server/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Protocol $scheme;
}
}
Like this, both your_ip:15672 and utils.example.com:15672 will go through nginx to be proxied to rabbitmq.
2) How can I disable direct access from the IP address and restrict access to domain/sub-domain only?
Take out "your_ip_numbers" from the server_name directive if you are going to use the recomendation and block any access to port 15673 in the firewall. Localhost proxies are not considered as a normal connection by most firewalls.
And if you only have proxy to rabbitmq to the server bracket of server_name utils.example.com; that's already a way to filter only this subdomain connections to rabbitmq.
If I have not expressed myself correctly, ask me in the comments what I'm refering to, I'd be glad to answer
Edit:
For the ip not to be proxy_passed, creating another default_server bracket in the same port (it's nginx so they don't collide) will send the ip there.
server {
listen 15672 ssl default_server;
server_name _;
return 418; #(or really any code you like)
}
Hope I helped.
I have two instances of nginx server running one with corporate ip and second with internal ip.I want a link from external nginx get redirected to internal nginx server and use external nginx as gateway. Also need to make sure that internal nginx running on dynamic IP
Tried to use variable for dynamic IP as shown in code snippet
location /route/(?<section>.+){
proxy_bind 172.31.*.*;
proxy_pass http://$section/single-table-view;
proxy_set_header Host $http_host;
}
You need to configure nginx as mentioned below:
If you want to redirect your External nginx to Internal nginx you should configure your External server like:
server {
listen 80;
listen [::]:80;
server_name domain_name;
location / {
proxy_pass http://InternalNginxIpAddress:PortYouWant;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
Now each request from External nginx will be forwarded to Internal nginx, where your Internal nginx server is set as
proxy_pass http://localhost:PortYouWant;
I have nginx serving a page on port 80.
server {
listen 80;
server_name .example.com;
root /var/www/docs;
index index.html;
}
I also have a service running a server on port 9000. How do I set up a virtual directory in nginx (such as /service) to serve whatever is on port 9000? I am unable to open other ports, so I would like to serve this through some kind of virtual directory on port 80.
Start with that (but you definetly will need more directives to make your server normally answering on this subdirectory):
location /something {
proxy_pass http://localhost:9000/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
}