nginx reverse proxy for kibana - kibana

I am using this part in nginx config file
location ~ ^/kibana(.*) {
rewrite /kibana/(.*) /$1 break;
proxy_pass http://core-services-local-nginx-ingress-controller.kube-system:80;
proxy_redirect off;
proxy_set_header Host "kibana-service-local";
}
but the issue is ,when i do localhost/kibana/ it is redirecting to localhost/app/kibana and displaying 4o4 not found .
why it is happening? how to resolve this issue?I want kibana dashboard to come when hitting localhost/kibana/.

set the server.basePath setting in kibana.yml to /kibana.

Related

Nginx backslash not supported for proxy_pass (use as a reverse proxy)?

I'm trying to host a 3rd party rather advanced Java app thru Wildfly using NGINX.
I've tried the following things (please check out the commented out config too)
location /app {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://localhost:8080/app;
proxy_redirect off;
#rewrite ^/$uri $uri break;
#rewrite ^/(.*)/$ /$1 permanent;
}
#location ^~ /app/*\\ {
# proxy_pass http://localhost:8080/app/*\\;
#}
When I go to my hostname/app I can see the complicated Java Web App and login, but when it needs to load some documents it throws out the following XHR error (500 for this URL, but it's actually just 404):
https://example.org/app/app/resource/templateTree/\?count=200&orderBy=-1&orderDirectionAscending=false&fldrTime=-1&hash=53cdac085761b1a3fb5ba4535c8edf85e91c2f
How do I properly rewrite this URL with the backslash? That's exactly what I've tried in the config below, but failed miserably.
The server block itself is defined fine, just under location the rewriting should be added. When I run the application on localhost (without NGINX) I get the following URL in the XHR request, which succeeds:
http://10.0.2.4:8080/app/app/resource/document/home/%5C?count=200&orderBy=-1&orderDirectionAscending=false&fldrTime=0
proxy_pass http://localhost:8080/app$uri; doesn't work at all apparently :(
Wow, all I had to do was remove the /app in proxy_pass http://localhost:8080.
Case closed
bangs hammer

Nginx set_proxy_header host adds www to the host

location / {
proxy_set_header Host sub.domain.host.com;
proxy_pass https://other.host.com/;
}
The host header ends up being www.sub.domain.host.com, is there a way to prevent the www from being added?
Edit, I was wrong. You can create more levels on your domain.
https://webmasters.stackexchange.com/questions/77534/subdomain-of-subdomain-how-is-it-possible

Issue accessing plotly dash behind nginx

I have a dash plotly running on a VM with ip address 192.168.8.3 on port 5050. Locally, I can access the dashboard using the url http://192.168.8.3:5050.
Now I am trying to enable access via Nginx on http://myserver.com/dashboard/devs. However, when i try access it, in the browser console there is some files not found:
GET http://myserver.com/assets/header.css?m=1597279663.0
GET http://myserver.com/assets/typography.css?m=1597279663.0
This is my nginx configuration:
server {
server_name myserver.com;
location /dashboard/devs {
rewrite ^/(dashboard/devs)/(.*) /$2 break;
proxy_pass http://192.168.8.3:5050;
proxy_set_header X-Real_IP $remote_addr
...
proxy_set_header Host $http_host;
proxy_redirect off;
}
}
Finally it was resolved using flask to redirect "/" requests to "/dashboard/devs/". The nginx configuration was left untouched.

nginx Reverse Proxy with plesk

I've already seen some answers on here and none of the solutions seem to work.
I have domain.com with a wordpress install
and a script running on domain.com:6000
I want to be able to have script.domain.com show what's on domain.com:6000
Now the other big issue is plesk. (It gets a lot of hate but the people using the website like the UI.) but here's what I've done/tried
New folder and file in /var/www/vhosts/domain.com/conf
file : vhost_nginx.conf
and what's currently in it
server {
listen 80;
server_name script.domain.com;
location / {
proxy_pass http://domain.com:6000;
}
}
Also having tried
location /script/ {
proxy_pass http://domain.com:6000/;
}
to try and have domain.com/script show something different.
Any suggestions?
Right now in PLesk 12.5 there is no way to override "location /" via plesk, because all custom conf files are added at the end of nginx's server section after default "location /" derectives.
You can create or change hosting type of your subscription to forwarding like in this answer https://serverfault.com/a/541055/154664
But in this case port will be visible in URL.
Another solution is to create your own custom virtual host in nginx in some separate config - it's actually easiest way now.
Another solution is to customize virtual hosting templates, but it's too much side effects on Plesk upgrade.
I put this in the Plesk UI under additional nginx directives and it worked for me. You can remove the if, if you are ok with http traffic. Also replace <*> accordingly. For instance:
<your-domain> = script.domain.com, <your-host> = localhost <your-port> = 6000
if ($scheme = http) {
return 301 https://<your-domain>;
}
location ~ / {
proxy_pass http://<your-host>:<your-port>;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}

Artifactory Browsing With Nginx & HTTP SSO Too Slow

I have setup a reverse proxy between Nginx and Artifactory, following instructions from here : https://www.jfrog.com/confluence/display/RTF/nginx
I've also enabled HTTP SSO in Artifactory so that a user authenticated by Artifactory is able to log in to Artifactory automatically. Instructions followed from here : https://www.jfrog.com/confluence/display/RTF/Single+Sign-on
Everything is working except that Artifactory is really slow. When I go to the website (eg. artifactory.myorg.com/webapp/#/home,) a progress wheel comes up and it keeps rolling and on every page.
If I turn off Nginx and access Artifactory using its embedded Tomcat engine then everything works fine.
Is there anything I can do to fix this ?
Update
The browsing is fine as soon as I turn off the following setting:
proxy_set_header REMOTE_USER $remote_user;
I am guessing that Artifactory is currently processing this user setting for every request and maybe I need to do something at Tomcat side or to Artifactory settings to resolve that.
Here's how my nginx/artifactory config looks (They were generated by Reverse Proxy setup page in Artifactory 4.4):
ssl_certificate /etc/ssl/certs/dummy.crt;
ssl_certificate_key /etc/ssl/keys/dummy.key;
ssl_session_cache shared:SSL:1m;
ssl_prefer_server_ciphers on;
server {
listen 443 ssl;
server_name dummy.net;
if ($http_x_forwarded_proto = '') {
set $http_x_forwarded_proto $scheme;
}
## Application specific logs
access_log /var/log/nginx/dummy-access.log;
error_log /var/log/nginx/dummy-error.log;
rewrite ^/$ /artifactory/webapp/ redirect;
rewrite ^/artifactory$ /artifactory/webapp/ redirect;
location /artifactory/ {
auth_pam "Secure Zone";
auth_pam_service_name "sevice";
proxy_read_timeout 900;
proxy_pass_header Server;
proxy_cookie_path ~*^/.* /;
proxy_pass http://127.0.0.1:8081/artifactory/;
proxy_set_header DUMMY_USER $remote_user;
proxy_set_header X-Artifactory-Override-Base-Url $http_x_forwarded_proto://$host:$server_port/artifactory;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
Yes. Using Nginx as a reverse proxy should not add noticeable overhead, and could speed up the experience if you use it to serve the static assets.
Your testing so far as implicated Nginx, so posting your related Nginx configuration would be helpful.
But I'll go out a limb and make a guess without seeing it. You are likely using proxy_pass in Nginx to send requests on to Artifactory. If Artifactory is on the same host as Nginx, the proxy_pass address should be a port on 127.0.0.1. If you are instead including a domain name there, then your traffic might doing some like being routed from Nginx back to a load balancer, through CloudFlare, or some other inefficient route.
After trying to reproduce your scenario a few times would recommend to try one more thing to isolate the problem.
Try to set a fix username in the REMOTE_USER value, instead of a variable.
proxy_set_header REMOTE_USER username;
BTW, from the snippet it appears the header name is DUMMY_USER and in the example you specified REMOTE_USER. Make sure you the header name is the same as configured in Artifactory under the Admin > Security | HTTP-SSO .
If this issue still reproduces, please contact support#jfrog.com.

Resources