I have two servers running on a DigitalOcean droplet. One is a Django/Wagtail application served with Gunicorn (used as a headless CMS), and the other is a SSR Nuxt.js app (front-end). Using the following nginx configuration I’ve made the Nuxt app available at example.com (works great), and now I’m trying to make my Django/Wagtail application available at the subdomain cms.example.com. (I’ve modified my local hosts file so the domain example.com actually functions)
/etc/nginx/sites-available/default
server {
listen 80;
listen [::]:80;
server_name example.com;
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
server {
listen 80;
listen [::]:80;
server_name cms.example.com;
location / {
include proxy_params;
proxy_pass http://unix:/home/thomas/daweb/cms/cms.sock;
}
}
/etc/nginx/proxy_params
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
Result from curl --unix-socket /home/thomas/daweb/cms/cms.sock cms.example.com is html of the default Wagtail landing page, no errors.
However navigating to cms.example.com just gives me a connection error. If I swap the two, I can see the Wagtail interface at example.com, so I know they’re both working. However, I can’t seem to figure out how to configure a subdomain and I struggle to understand the nginx documentation. Also similar questions about configuring subdomains are usually about making static files available, not listening to active ports.
One extra layer of trouble is that the Wagtail CMS is accessible at /admin of its server root, so I’d like to make that page appear at cms.example.com rather than having to navigate to cms.example.com/admin. Any help would be greatly appreciated!
Check what is contained in /etc/nginx/proxy_params. I would expect something like this:
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
Also, to be sure Gunicorn is working correctly, try:
curl --unix-socket /home/thomas/daweb/cms/cms.sock cms.example.com
Related
I have an ASP.NET based app (on IIS8); which loads perfectly when visiting it directly at: http://localhost:89/files
When I visit my ngnix reverse proxy URL: http://localhost/files, instead of loading the webpage, the file Login.aspx is downloaded by the web browser. I don't have any issues with reverse proxying the root domain (for regular HTML webpages).
I would like to resolve this issue without modifying my ASP.NET app if at all possible. Below, is the configuration I'm using in nginx.conf:
server {
listen 80;
server_name localhost;
location / {
root "C:\inetpub\wwwroot";
index index.html index.htm;
}
location /files {
proxy_pass http://localhost:89/files/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
Maybe, there's something I need to change on my Web.config file for the ASP.NET app?
I have a godaddy A record pointing to my Digital Ocean IP address.
Here's the nginx configuration.
server {
listen 80 default_server;
server_name domain.com www.domain.com;
location / {
proxy_pass 'http://127.0.0.1:3004';
}
}
When I type in the domain.com it goes to the server, but the address bar shows the IP address.
How can it show the domain name?
It's most probably a redirection from proxy_pass. I'm not sure what you are running at backend but you could try to pass hostname.
proxy_set_header Host $host;
Add this line after proxy_pass to tell backend which domain is in the request headers.
The redirection to the IP address is most likely done by your backend in the proxy_pass.
You could try to add some header to help the backend understand the context of the request.
I would recommend as a starter the following configuration :
server {
listen 80 default_server;
server_name domain.com www.domain.com;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
location / {
proxy_pass 'http://127.0.0.1:3004';
}
}
If using Node.JS, you might need the following line as well :
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
Please also check the configuration of your backend. You may need to setup the access URL, context path, etc.
I have a bitbucket server that works on a direct IP address very well. But I want to access my bitbucket server using subdomain name and over HTTP, something like bitbucket.subdomain.com
I have found a very good official Atlassian's explanation on how to do it and started from adding new server parameters to the bitbucket.properties
server.port=7990
server.secure=true
server.scheme=http
server.proxy-port=80
server.proxy-name=bitbucket.mydomain.com
server.context-path=/
everything looks clear to me, so I've decided to change my Nginx configuration and added next server settings
#Bitbucket
server {
server_name bitbucket.mydomain.com;
# serve static files directly
#location for bitbucket
location / {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:7990;
}
}
the same looks cool for me.
Did all restarts/reload etc and going in my browser to bitbucket.subdomain.com and I see 404
So, I'm really stuck, since I've done a lot of different changes and no, it's not working
Can anyone help?
I try the same stuff and this works for me:
Bitbucket.properties:
server.port=7990
server.scheme=http
server.proxy-port=80
server.proxy-name=bitbucket.mydomain.com
Nginx
server {
listen 80;
server_name bitbucket.mydomain.com;
location / {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:7990/;
client_max_body_size 10M;
}
}
Then restart both and you are ready to go.
V.
We have a situation where we need to serve the login page from server_A (NGINX), get the user authenticated from here and once authenticated route the request ta a page which resides in a different server i.e. Server_B. All subsequent requests will come to Server_A and it will first check the user and session validity and then route to Server_B. This way the session and security is maintained by server A and rest of the work is done by server B.
My question here is that can we acheive this from NGINX server ?
My question here is that can we acheive this from NGINX server ?
Yes, certainly.
How do you do that?
Taking for an example a modified Tomcat behind NGINX application config I have handy:
server {
listen 80;
server_name www.example.com;
location /{
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://servera.example.com:8080/app;
client_max_body_size 10M;
}
location /login{
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://serverb.example.com:8080/login;
client_max_body_size 10M;
}
}
This will both proxy requests to the TomCat server, and serve them like any HTTP server.
Same can be said for any application you may want to proxy to, just modify the proxy_pass line of the above config accordingly!
I am using phabricator by Docker image (https://hub.docker.com/r/hachque/phabricator/).
Because my phabricator server is in the LAN of a company, I cannot access it from the outside. I'm trying to use Ngnix as reverse proxy. I can access the login page, but when I try to login, following message was displayed:
Unhandled Exception ("AphrontMalformedRequestException") You are
trying to save some data to Phabricator, but the request your browser
made included an incorrect token. Reload the page and try again. You
may need to clear your cookies. This was a Web request. This request
had an invalid CSRF token.
Here is part of my Nginx reverse proxy configuration:
# phabricator proxy.
#
server {
listen 8080;
server_name 0.0.0.0;
location / {
proxy_pass http://193.177.1.238/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
I'm not using the same image as you, but what i've installed PHP 7.1 with Nginx and the Phabricator sources on the Docker image, then the Nginx from docker listen to the 9000 port (in my case).
Then i run this image using the 8081:9000 port mapping, and the following VirtualHost config on the Nginx from the host machine:
upstream api_upstream {
server 0.0.0.0:8080;
}
server {
listen 80;
server_name phabricator.local.com;
location / {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_cache_bypass $http_upgrade;
proxy_pass http://api_upstream;
}
}
the phabricator.local.com host only works if you add this entry to the /etc/hosts file:
127.0.0.1 phabricator.local.com