I have two hello servers in server1(1.1.1.1) and server2(1.1.1.2). Now I want to use Nginx(example.com) to proxy pass request to the certain server like this:
Request Url:http://example.com/hello1
proxy pass:http://1.1.1.1/hello
Reqeust Url:http://example.com/hello2
proxy pass:http://1.1.1.2/hello
Just add the location block to example.com config. This should work.
location ^~ /hello1 {
proxy_set_header Proxy "";
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header HOST $http_host;
proxy_pass http://1.1.1.1/hello;
proxy_redirect off;
}
location ^~ /hello2 {
proxy_set_header Proxy "";
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header HOST $http_host;
proxy_pass http://1.1.1.2/hello;
proxy_redirect off;
}
Related
I apply NginX to authenticate Applications for instance myapp1 and myapp2 with LDAP (described here). My config file looks like:
ldap_server myapp1{
url ldaps://....;
binddn "CN=user,OU=t accounts,DC=dom,DC=uk";
binddn_passwd ...;
group_attribute member;
group_attribute_is_dn on;
max_down_retries_count 5;
satisfy any;
Require valid-user;
}
ldap_server myapp2{
url ldaps://....;
binddn "CN=user,OU=t accounts,DC=dom,DC=uk";
binddn_passwd ...;
group_attribute member;
group_attribute_is_dn on;
max_down_retries_count 5;
satisfy any;
Require valid-user;
}
It works well. Now, I want to supress the authentification for myapp2 in other words, if a user calls the url adress for myapp2 in the browser, the user will not be asked for the authentification and will come directly to the url, but just for myapp2.Is it possible?
Update: I figured out, that there is another part of nginx.conf, namely the proxy part:
location /myapp1/ {
auth_ldap_servers myapp1;
proxy_pass http://127.0.0.1:3838/myapp1/;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
}
location /myapp2/ {
auth_ldap_servers myapp2;
proxy_pass http://127.0.0.1:3838/myapp2/;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
}
probably I have to change something in location part?
I found finally the solution.
the problem was, that tere is an aditional part in nginx.conf at the beginning. Thses should be integrated in the second part location /myapp/ { ....}. Therefore from:
auth_ldap "please log in with windows login data";
auth_ldap_servers myapp1;
auth_ldap_servers myapp2;
#comment:
# the special part for every app
location /myapp1/ {
auth_ldap_servers myapp1;
proxy_pass http://127.0.0.1:3838/myapp1/;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
}
location /myapp2/ {
auth_ldap_servers myapp2;
proxy_pass http://127.0.0.1:3838/myapp2/;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
}
to
location /myapp1/ {
auth_ldap "please log in with windows login data";
auth_ldap_servers myapp1;
proxy_pass http://127.0.0.1:3838/myapp1/;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
}
location /myapp2/ {
auth_ldap "please log in with windows login data";
auth_ldap_servers myapp2;
proxy_pass http://127.0.0.1:3838/myapp2/;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
}
I'm running nodeJS script..
on localhost:9001
it is running behind nginx reverse proxy
it accept request in the form of /v{{ version }}/{{ lang }}/...
So for example:
domain.com/api/v1/en/news
domain.com/api/v2/fr/news
domain.com/api/v3/en/news
Until now I had this is nginx
location /api/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://localhost:9001/;
}
and everything work.
My goal now is to run additional (identical) script on localhost:9002 which will accept v4 requests. And v3, v2 and v1 will be still 'processed' by localhost:9001
So I want that request domain.com/api/v4/en/news is routed to localhost:9002
I put this above current rule like this
location ~* /api/v4/(.*)$ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://localhost:9002/v4/$1;
}
location /api/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://localhost:9001/;
}
Request /v3/.. is routed to localhost:9001 (as expected) but /v4/.. returns 502.
Any pointers?
location /api/v4/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://localhost:9002/v4/;
}
location /api/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://localhost:9001/;
}
I'm configuring nginx with this config:
location /test {
proxy_pass http://127.0.0.1:10000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
It works, but without all assets. I inspect element, the assets redirect to http://127.0.0.1:10000 (absolutely 404), where it should be http://127.0.0.1:10000/test/asset.css.
Need advice :)
PS: My server is using angular2 (npm start)
May the force be with you:
location / {
proxy_pass http://127.0.0.1:10000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location ~ ^/(images/|img/|javascript/|js/|css/|stylesheets/|flash/|media/|static/|robots.txt|humans.txt|favicon.ico) {
root /root/of/your/public/assets;
access_log off;
expires max;
}
I want to redirect my http://127.0.0.1:9090/data/admin/ to http://94.162.152.12:9090/admin/ that can be access outside in my network. I already open port 9090 in my router.
Take a look my nginx config
server {
listen 9090;
server_name 94.162.152.12;
location ~* /data/admin/ {
proxy_pass http://127.0.0.1:9090;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
}
}
In case you mean proxying from http://94.162.152.12:9090/admin/ to http://127.0.0.1:9090/data/admin/ you might want to do it as follow:
server {
listen 9090;
server_name 94.162.152.12;
location /admin {
rewrite ^/admin/(.*) https://127.0.0.1:443/data/admin/$1 permanent;
proxy_pass http://127.0.0.1:9090;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
}
}
This will rewrite all requests for /admin/* to /data/admin/* and call localhost as backend.
I have very limited knowledge with rewriting url in nginx. I have a plex media server running behind on nginx, i can access the dashboard with http://domain.com/web/index.html with these config i found on github:
upstream plex-upstream {
server plex-server.example.com:32400;
}
server {
listen 80;
server_name domain.com
location / {
if ($http_x_plex_device_name = '') {
rewrite ^/$ http://$http_host/web/index.html;
}
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_pass http://plex-upstream;
}
}
What i want is to remove /web/index.html so when i go to http://domain.com, the PMS dashboard will load. I tried some one liner rewrite rules already but all failed. Thanks.
I am not nginx specialist, but I had similar problem.
The diference is that I was not trying to alias domain.name/ to domain.name/web/,
My goal was to alias domain.name/plex/ to domain.name/web/.
I was getting redirects to web/index.html with all solutions I could find except this one Configure Plex Media Server Reverse Proxy nginx Linux.
The only one problem with this one was that if you go to web/ you will stay there.
So here is my creepy yet working solution:
upstream plex {
server localhost:32400;
}
server {
listen 80;
server_name domain.name;
server_name_in_redirect off;
location / {
proxy_pass http://localhost:8888;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
# Enables WS support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_redirect off;
}
location /web/index.html {
if ($http_x_should_not_redirect = ""){
return 301 https://domain.name/plex/index.html;
}
proxy_pass https://plex;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header x_should_not_redirect $host;
}
location /web {
proxy_pass https://plex;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header x_should_not_redirect $host;
}
location /plex {
proxy_pass https://127.0.0.1/web;
proxy_set_header X-should-not-redirect $host;
}
location /transmission/rpc {
proxy_pass http://localhost:9091;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
# Enables WS support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_redirect off;
}
location /transmission/web {
proxy_pass http://localhost:9091;
proxy_pass_header X-Transmission-Session-Id;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# Enables WS support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_redirect off;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/dovgastreetnas.viewdns.net/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/dovgastreetnas.viewdns.net/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
}
Hope this will help somebody.