Configure public domain for WSO2 API Manager - wso2-api-manager

Any guidelines on how to configure public domain for WSO2 API Manager. Basically want to replace https://localhost:9043/publisher with http://api.test.com/publisher
We are using nginx. Our issue is how to correctly create the nginx conf.

Defined the server name as api.test.com in the virtual server block
server {
listen 443;
ssl on;
ssl_certificate /etc/nginx/ssl/nginx.crt;
ssl_certificate_key /etc/nginx/ssl/nginx.key;
server_name api.test.com;
location /publisher {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass https://localhost:9443/publisher;
proxy_redirect https://localhost:9443/publisher https://localhost/apimanager/publisher;
proxy_cookie_path /publisher /apimanager/publisher;
}
location ~ ^/publisher/(.*)registry/(.*)$ {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass https://localhost:9443/$1registry/$2;
}
}

This issue has been resolved. the above answers were useful. I got stuck because I did not have port 443 open (new to rackspace).

Related

How do I configure nginx and ShinobiCCTV?

Link to Shinobi:
https://shinobi.video/
I have a Shinobi which is at 127.0.0.1.
And also the domain example.com on / is the backend, I want example.com/shinobi to host Shinobi.
I tried to do this via nginx, here is my configuration:
server {
server_name example.com;
listen 443 ssl;
location / {
proxy_pass http://127.0.0.1:3000;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Real-IP $remote_addr;
}
location /shinobi/ {
proxy_pass http://127.0.0.1:8080;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
proxy_redirect off;
}
location /socket.io/ {
proxy_pass http://127.0.0.1:8080/socket.io;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade;
proxy_set_header Host $host;
}
}
This doesn't work for me, I found the answer on reddit:
https://www.reddit.com/r/ShinobiCCTV/comments/fgmce0/problem_with_shinobi_behind_nginx_reverse_proxy/
I changed baseURL in /home/Shinobi/conf.json to https://example.com/shinobi/ and restarted Shinobi pm2 restart all. I get this response:
[PM2] Applying action restartProcessId on app [all](ids: [ 0 ])
[PM2] [camera](0) ✓
When I go to https://example.com/shinobi/{TOKEN}/embed/{GROUP}/{CAMERA}/fullscreen%7Cjquery I get:
Cannot GET /shinobi/{TOKEN}/embed/{GROUP}/{CAMERA}/fullscreen%7Cjquery
That didn't work for me. Can you please tell me how I can fix this and what could be the problem?

Why am I lost the WSO2 APIM Store session after click in all API?

I have an specific node for my APIM store which is configured for https://mydomain.store.
I'm using nginx for front-end all APIM nodes or cluster. And for almost every thing its running fine.
The problem is: After access the I lost the session every time that I click on all available API..
In my opinion it is a problem with NGINX. If a config Store to maintain original context (https://mydomain.store/store) i don´t have problems.
After all my research, my nginx config files are:
upstream loja{
server localhost:9443;
}
server {
listen 443 ssl;
server_name mydomain.store;
proxy_set_header X-Forwarded-Port 443;
error_log /var/log/nginx/lojahml.log ;
access_log /var/log/nginx/access-lojahml;
#SSL CONFIG
...
location /{
proxy_set_header X-WSO2-Tenant "carbon.super";
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_read_timeout 5m;
proxy_send_timeout 5m;
proxy_pass https://loja/store/;
proxy_redirect https://loja/store/ https://mydomain.store;
proxy_cookie_path /store /;
}
location /carbon{
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_read_timeout 5m;
proxy_send_timeout 5m;
proxy_pass https://localhost:9443/carbon;
}
location ~ ^/(.*)registry/(.*)$ {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_pass https://localhost:9443/$1registry/$2;
}
location /registry {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_pass https://localhost:9443/registry;
}
location /services{
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_read_timeout 5m;
proxy_send_timeout 5m;
proxy_pass https://localhost:9443/services;
}
}
The site.json for store jaggery APP is like that:
...
"reverseProxy" : {
"enabled" : "true", // values true , false , "auto" - will look for X-Forwarded-* headers
"host" : "mydomain.store", // If reverse proxy do not have a domain name use IP
"context":"",
//"regContext":"" // Use only if different path is used for registry
},
...
P.S. Before everything running fine using apache as front-end.

Handling multiple applications from a single domain in Nginx

Im trying to configure Nginx to handle multiple applications (backends) to work off a single domain (server_name) and I'm running into a weird problem.
What I'm trying to do is,
www.test.com -------------> serving the main application (127.0.0.1:7888)
|
-------------> management application (127.0.0.1:2666)
The initial configuration I have is as follows,
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name test.com;
## SSL settings
ssl on;
location / {
proxy_pass http://127.0.0.1:7888;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
}
location /management {
rewrite ^/management/(.*)$ /$1 break;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass https://127.0.0.1:2666;
}
}
This works well for the main application. It can also route to the /management application however it is trying to access management static files via the main application and it throws 404.
To rectify this I modified the configuration as,
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name test.com;
## SSL settings
ssl on;
location / {
proxy_pass http://127.0.0.1:7888;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
try_files $uri $uri/ #fallback;
}
location /management {
rewrite ^/management/(.*)$ /$1 break;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass https://127.0.0.1:2666;
}
location #fallback {
proxy_pass https://127.0.0.1:2666;
}
}
Now /management app works well but not the main application due to the try_files config.
Is there anyway to fix this issue ?

Reverse proxy nginx to application

I have a synology and I want to link a subdomain to one of this application. This is the URL I usually use to access to this service:
192.168.0.17:5001//index.cgi?launchApp=SYNO.SDS.App.FileStation3.Instance&launchParam=openfile%3D%252FOliver%252F
But this is too long and I want to access it directly this mydomaine.com
How should I configure the server ?
I tried this but it doesn't work :
server {
listen 80;
listen [::]:80;
resolver 89.2.0.1;
server_name test.fr;
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_intercept_errors on;
proxy_http_version 1.1;
proxy_pass http://192.168.0.17:5000/index.cgi?launchApp=SYNO.SDS.App.FileStation3.Instance&launchParam=openfile%3D%252FOliver%252F;
}
}
Thanks a lot for your help!

nginx: redirect to two different servers based on domain

Let's say I have a domain: mike.com.
I'd like to have mike.com and www.mike.com hit my nginx server and get served a page sitting at 123.1.1.1.
I'd like to have api.mike.com get served by a server sitting at 123.2.2.2.
Perhaps my google-fu is failing me in epic fashion, but how would I go about arranging such a setup?
Create 2 server blocks and proxy_pass to the appropriate backend server.
Try with this example:
server {
listen 80;
server_name mike.com www.mike.com;
location / {
proxy_pass http://123.1.1.1:8080;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
server {
listen 80;
server_name api.mike.com;
location / {
proxy_pass http://123.2.2.2:8080;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}

Resources