i have this NGINX location in my default.conf
location /api-gateway/ {
proxy_http_version 1.1;
proxy_connect_timeout 75s;
proxy_read_timeout 100s;
client_max_body_size 100m;
proxy_set_header Host test.domain.com;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering off;
proxy_buffers 16 8k;
proxy_buffer_size 4k;
proxy_max_temp_file_size 0;
rewrite ^/api-gateway/(.*)$ $1 break;
proxy_pass http://ingress-srv; # ingress-srv is an upstream
}
here is an example of the request that is coming to my NGINX server: http://demo.domain.com/api-gateway/service/v1/metrics
i need to do the below
remove the /api-gateway/ from the original url and then,
rewrite/send the requests to ingress-srv upstream without
changing the URL (no redirect)
change the header from demo.domain.com to test.domain.com which i believe i have done it correctly
i can not make it work ..
Instead of
proxy_pass http://ingress-srv; # ingress-srv is an upstream
try doing (notice the slash):
proxy_pass http://ingress-srv/; # ingress-srv is an upstream
You can take out the rewrite directive.
As Oscar Wilde said "I was working on nginx.conf all the morning, and took out a comma. In the afternoon I put it back again."
Related
There is a request to my server where I redirect it to another service
I noticed that my headers are not redirected with request.
Shouldn't they be automatically redirected along with the request?
Configuration example:
location / {
rewrite (/v2\/partner\/products/.*)$ https://example.app$1 redirect;
rewrite_log on;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Host $host;
proxy_pass http://abm_module;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_redirect off;
}
I searched for information on the Internet and documentation and found nothing. I will be grateful for help.
this is my nginx configuration file
server {
listen 80;
server_name 0.0.0.0;
client_max_body_size 10000M;
location / {
auth_basic "Restricted Content";
auth_basic_user_file /etc/apache2/.htpasswd;
proxy_pass http://localhost:8888;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-Scheme $scheme;
# WebSocket support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 120s;
proxy_next_upstream error;
}
location /source {
auth_basic "Restricted Content";
auth_basic_user_file /etc/apache2/.htpasswd;
proxy_pass http://localhost:5050/source;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-Scheme $scheme;
# WebSocket support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 120s;
proxy_next_upstream error;
}
}
I am able to route first application running on port 8888 but for second application running on port 5050 i am not able to route through nginx. i am using /source as a prefix but it's not working. Second application also starts with / in our application. Please request guidance in this on the above issue.
/ matches before /source so you never reach /source and therefore can't be routed. switching the order of the location directive should be enough.
I want to use nginx proxy_pass before different applications which run on their own port.
so i.e. I have
server {
listen 443 ssl;
ssl on;
ssl_certificate /etc/ssl/certs/self-signed.crt;
ssl_certificate_key /etc/ssl/private/self-signed.key;
proxy_intercept_errors on;
location /app1/ {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
proxy_redirect off;
proxy_pass http://localhost:1111;
}
location /app2/ {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
proxy_redirect off;
proxy_pass http://localhost:2222;
}
}
However the problem is the applications itself have redirects in them which causes the /app1/ or /app2/ to disappear.
i.e. a 302 get /page1 will become https://example.com/page1 instead of https://example.com/app1/page1
So basically whenever someone is at a /app1/* page to always prefix /app1/.
and it would be really great if this doesn't happen when this is actually the full domain name so it's possible to load resources from a /app2/ url in a /app1/ page
Is there a way I can fix with Nginx config or can I only fix this in the application itself?
EDIT:
I found that Nginx has a function called sub_filter.
This replaced strings in the body of the response.
so:
app returns: 200 "hello world!"
//nginx
sub_filter "world" "moon";
then the browser will display "hello moon!"
However I also need to do this for 302 redirects.
Is there a "sub_filter equivalent" for headers?
EDIT2:
As Ivan suggested probably proxy redirect should do the trick, but it's not changing anything.
my nginx code is:
location /app1/ {
proxy_set_header Accept-Encoding ""; # no compression allowed or next won't work
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
proxy_redirect off;
proxy_buffering off;
proxy_read_timeout 3600;
proxy_connect_timeout 3600;
fastcgi_read_timeout 3600s;
proxy_pass http://localhost:5000/;
proxy_redirect http://localhost:5000/ /app1/; #also tried full domain
}
As for the app I'm testing this with a simple Flask app like this:
#app.route('/')
def hello_world():
return redirect("http://localhost:5000/testing", code=302)
and the browser response headers are:
HTTP/1.1 302 FOUND
Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 06 Nov 2019 15:56:24 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://localhost:5000/testing
Use proxy_redirect directive for your case:
proxy_redirect / /app1/;
and
proxy_redirect / /app2/;
Remove any proxy_redirect off; directive because it cancels the effect of all proxy_redirect directives on the same level.
I am trying to hit a URL on nginx which be proxied to Netty, for a particular URL I am getting net::ERR_INCOMPLETE_CHUNKED_ENCODING on chrome and on Safari some times it works and some times not.
Here is the configuration:
location /service-order-api {
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host:$server_port;
proxy_pass http://service_order_api;
#proxy_read_timeout 120;
proxy_set_header X-Real-IP $remote_addr;
#proxy_buffer_size 2k;
#proxy_buffers 8 24k;
proxy_redirect off;
#proxy_buffering off;
chunked_transfer_encoding on;
}
Try setting this option for your server:
proxy_buffering off;
Don't know the reason, but this solved my case.
I've been trying to do rewrite in Nginx:
domain.com/one/two -> onetwo.domain.com. The URL that user sees should not be changed in address bar.
This code does not work correctly - it changes URL in address bar
rewrite ^/one/two/ http://onetwo.domain.com/ last;
What solution must be there?
Thanks.
This isn't possible, because you're changing hostnames. Browser security is tied to it, as is webserver configuration.
You can rewrite URLs within same hostname, but changing hostnames requires redirect or using a frame.
Use proxy pass:
location /one/two/ {
proxy_pass http://onetwo.domain.com/;
include proxy.conf;
}
Where proxy.conf is where you keep your proxy settings, stuff like:
proxy_ignore_client_abort off;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_connect_timeout 120;
proxy_send_timeout 900;
proxy_read_timeout 900;
proxy_headers_hash_max_size 1024;
proxy_headers_hash_bucket_size 128;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header REQUEST_SCHEME $scheme;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-scheme $scheme;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header 'SERVER_PORT' $server_port;