I have this nginx.conf nginx configuration:
http {
...
upstream app_servers {
server admin;
}
upstream status_servers {
server status:5000;
}
# Configuration for the server
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
location / {
proxy_pass http://app_servers;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
location /api {
proxy_pass http://api_servers;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
}
}
/ is server to one server, and
/api to another api server.
The problem is with the second (the api server).
The calls are reaching /api/** while I want them to reach the root of the api server (basically remove the /api when calling the api server).
so calling
/api -> will reach / in the api server, and calling
/api/foo -> will reach /foo in the api server.
I guess I'm looking for some kind of rewrite rull for that(?)
I have tried Inside the /api location:
rewrite ^/api(.*) /$1 last;
but it didn't seem to work.
Any kind of help would be appreciated!
Solved it using rewrite ^/api(/.*)$ $1 break;
but I can't just using /api - it must be /api/ (with trailing /)
For me it's fine, interesting though if anyone knows how to have support for /api too.
I'm not sure you still need it...but I managed to avoid "/api/", by doing this:
rewrite /api(/|$)(.*) /$2 break;
Related
I've installed several web applications on different ports on the same server. From that server when I send an http request using wget or curl the request goes through and I get the response. I've set up nginx server to not have to specify the port each time. Here's the related nginx config:
server {
listen 10.0.223.34:80;
server_name app1.domain.com;
access_log /var/log/nginx/app1.domain.com.access.log;
error_log /var/log/nginx/app1.domain.com.error.log;
location / {
proxy_pass http://10.0.223.34:8080;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
If I try app1.domain.com from outside I get 502 Bad gateway error. But if I change the proxy_pass to http:\\www.example.com, then nginx takes me to the example.com website.
Inside the nginx.conf file I've specified user nginx;. I've tried changing it to root but it didn't help either. Do you have any idea what else I need to check?
Try this:
upstream app1 {
server localhost:8080;
}
server {
listen 10.0.223.34:
server_name app1.domain.com;
access_log /var/log/nginx/app1.domain.com.access.log;
error_log /var/log/nginx/app1.domain.com.error.log;
location / {
proxy_pass http://app1;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
I have configured nginx as reverse proxy tool. I have come across a problem which I have not been able to deal with. Following are the rules I have set in my .conf file.
server {
listen 80;
server_name rp.mydomain.com;
return 301 https://$host/myapp1/;
location / {
proxy_pass <local ip address>;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Proto https;
proxy_redirect http://$host https://$host;
proxy_set_header Host $host;
}
}
server {
listen 443 ssl;
server_name rp.mydomain.com;
location / {
proxy_pass <local ip address>;
proxy_redirect http:// https://;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Host $host;
proxy_ssl_session_reuse on;
}
}
My application resides on /myapp1/ . The reason why I am not writing /myapp1/ in the proxy_pass [I tried] is because the redirection is not working properly WHEN I try to login on the page. I get the error page not found.
But after this rule in listen 80 block, return 301 https://$host/myapp1/; its working like charm, but only if I go open the http page.
When I open the link, rp.mydomain.com. The redirection is working perfectly and the application works fine too. The http request is redirected to https and I can log in through my app.
But, when I go through https://rp.mydomain.com, I end up at the blank page of <local ip address>, because of the proxy_pass rule in listen 443.
My requirement is whenever the specific request of the page is generated, which is, https://rp.mydomain.com, its redirected to https://rp.mydomain.com/myapp1/ (like when it does when the user accesses the page through http://rp.mydomain.com) but the other requests, like https://rp.mydomain.com/myapp1/ or https://rp.mydomain.com/myapp1/profile [etc etc] are not affected.
Just one specific page https://rp.mydomain.com gets redirected automatically.
Is it possible to do so? Please help me in this issue.
Thank you.
Try:
server {
listen 80;
server_name rp.mydomain.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name rp.mydomain.com;
location = / {
rewrite ^ /myapp1/ last;
}
location / {
proxy_pass <local ip address>;
proxy_redirect http:// https://;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Host $host;
proxy_ssl_session_reuse on;
}
}
The location = / block has been added to create the mapping from / to /myapp1/. To change the URL in the browser, use permanent instead of last. See this document for details.
You will need to add additional proxy_redirect statements to prevent your local ip address leaking out when the application performs a redirect. See this document for details.
It is assumed that your SSL certificates are defined in an outer block and inherited.
Since a recent update of plex, my reverxe proxy for plex stopped working. I tried searching all around, but I didn't find much info. Listed below is the config file, does anyone have plex and know what goes wrong? I simply get served with a 404 not found page
server {
listen 80;
if ($http_referer ~* /plex/) {
rewrite ^/web/(.*) /plex/$1? redirect;
}
root /var/www;
location /plex/ {
proxy_pass http://127.0.0.1:32400/web/;
}
location /plexapi/ {
proxy_pass http://127.0.0.1:32400/;
}
}
Here is mine which works perfectly:
server {
listen 443;
server_name plex.mydoamin.com ;
satisfy any;
ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;
location = / {
rewrite ^ /web/;
proxy_redirect http:// $scheme://;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location / {
proxy_pass http://192.168.1.14:32400/;
proxy_redirect http:// $scheme://;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
index index.html index.htm;
}
}
Some things to check:
Run `sudo netstat -nlp | grep ':32400' to make sure there is still something running on the expected port.
From withing the machine running Nginx and Plex, try connecting directly to the URL. Both of these should work: `curl http://127.0.0.1:32400/ and curl http://127.0.0.1:32400/web/ ;
If any of these tests fail, the problem with Plex and not Nginx. In which case, you post your Plex configurations.
It's also a good idea to check the Changelog for Plex. Are there mentions in the Changelog if changes that might be problematic for you since the last time you updated Plex?
I have a Flask application served using gunicorn, and with NGINX on top of it. I want to use Basic Authentication (user/password) to protect all URL's starting with /admin, which is the back office, but still continue serving all other URLs with gunicorn without password.
Here is my current NGINX config:
server {
listen 80;
server_name example.com;
charset utf-8;
location / {
proxy_pass http://localhost:8000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /admin {
auth_basic "Administrator Login";
auth_basic_user_file /home/app/.htpasswd;
# the following four directives are duplicated :(
proxy_pass http://localhost:8000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
If I don't duplicate the proxy_* directives in the second location block, then the URLs starting with /admin doesn't get forwarded to gunicorn and I get a 404.
Is there any way to avoid the configuration duplication? I tried location nesting but apparently in the end NGINX only "executes" a single location block.
The proxy_pass must be within the location block. However, there's no need to duplicate the proxy_set_header directives, they can be moved into the server block. So your mistake was simply the assumption that proxy_pass could live in the server block :-)
Here's the problem:
The host machine has multiple docker apps running on different ports for eg. App1 # 3001, App2 # 3002...3100 etc
Now I would like to access the apps in this format http://hostname.com/app1, http://hostname.com/app2..
To do this i'm running nginx on the host to proxy requests to the right port based on the sub-uri
location = /app1 {
proxy_redirect http://hostname:3001/;
include /etc/nginx/proxy_params;
}
location ^~ /app1 {
proxy_redirect http://hostname:3001/app1;
include /etc/nginx/proxy_params;
}
But this does not work when the site's sub uri changes or if the site redirects.
For example:
If I visit the site at hostname:3001 -> I can see the site
If I visit the site at http://hostname.com/app1 -> I can see the site
If the site page is at hostname:3001/static/index.html then when i access it as http://hostname.com/app1 the page changes to http://hostname.com/static/index.html -> I get 404.
Is there a way to do this? Or is the only way to do it is to set the dns as app1.hostname.com and do a name based routing?
Inside your server {} block you want:
location /app1 {
rewrite ^/app1(.*) /$1 break;
proxy_pass http://hostname:3001/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /app2 {
rewrite ^/app2(.*) /$1 break;
proxy_pass http://hostname:3002/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
The rewrite rule here will pass the correct uris to the ports
You can make every app listens on a separate port (e.g. 3000 and 3001) then configure your nginx as follows (include it inside the server {} definition block):
location /app1 {
proxy_pass http://localhost:3000;
proxy_set_header X-Real-IP $remote_addr;
}
location /app2 {
proxy_pass http://localhost:3001;
proxy_set_header X-Real-IP $remote_addr;
}