Nginx: (111: Connection refused) while connecting to upstream - nginx

I'm trying to use to Nginx for reverse proxy. I have 1 Node.js app on port 3333 and Golang app on port 3334. When calling to Golang API, I see this message in /var/log/nginx/error.log:
2016/07/15 10:18:36 [error] 4835#0: *131 connect() failed (111: Connection refused) while connecting to upstream,
client: 27.69.66.52,
server: video1.techmaster.vn,
request: "GET /stream/dash/5klRyUnPVyDWouxscIT42uWs5JL4x9nHFol9ecg5g0GLf7aTaI/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJwcmljZSI6MCwiZnVsbCI6dHJ1ZSwidmlkZW8iOnsiaWQiOjEwODcsIm5hbWUiOiJtcDNaaW5nU2hvd0RhdGEtMjY0Lm1wNCIsInBhdGgiOiIvbWVkaWEvODIxNyJ9LCJhdHRhY2htZW50IjpbXSwiZXhwIjoxNDY4NTU2NTE2fQ.qc9d_XPhCepHf5iJyf9ORBPOo3pTvF8Th_VMadNSM2o/43f_vid_19.m4s HTTP/1.1",
upstream: "http://127.0.0.1:3334/stream/dash/5klRyUnPVyDWouxscIT42uWs5JL4x9nHFol9ecg5g0GLf7aTaI/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJwcmljZSI6MCwiZnVsbCI6dHJ1ZSwidmlkZW8iOnsiaWQiOjEwODcsIm5hbWUiOiJtcDNaaW5nU2hvd0RhdGEtMjY0Lm1wNCIsInBhdGgiOiIvbWVkaWEvODIxNyJ9LCJhdHRhY2htZW50IjpbXSwiZXhwIjoxNDY4NTU2NTE2fQ.qc9d_XPhCepHf5iJyf9ORBPOo3pTvF8Th_VMadNSM2o/43f_vid_19.m4s",
host: "video1.techmaster.vn",
referrer: "https://techmaster.vn/khoa-hoc-online/8217/lap-trinh-ios-swift/96/Location-Notification"
I don't know what's the problem from. Maybe I have done some mistake in Nginx config. Here is my Nginx configuration:
server {
listen 80;
server_name video1.techmaster.vn www.video1.techmaster.vn;
return 301 https://$server_name$request_uri;
}
server {
listen 443 spdy ssl;
server_name video1.techmaster.vn www.video1.techmaster.vn;
keepalive_timeout 30;
# Allow upload video up to 100M
client_max_body_size 100M;
# Config SSL
ssl on;
ssl_certificate /etc/ssl/cert_chain.crt;
ssl_certificate_key /etc/ssl/private/sv.video1.techmaster.vn.key;
ssl_session_timeout 5m;
ssl_session_cache shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "xxxxxxxxxx";
ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
ssl_stapling on;
location ~* /.*\.(xml)$ {
root /var/www/videos.techmaster.vn/public;
expires 7d;
}
location /stream/ {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:3334;
set $cors '';
if ($http_origin ~* (localhost|www\.techmaster\.vn|techmaster\.vn)) {
set $cors 'true';
}
if ($cors = 'true') {
add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Range';
}
}
location / {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:3333;
set $cors '';
if ($http_origin ~* (localhost|www\.techmaster\.vn|techmaster\.vn)) {
set $cors 'true';
}
if ($cors = 'true') {
add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Range';
}
}
}

I have edited Nginx config and it works
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
listen 443 ssl;
server_name 192.168.1.10;
keepalive_timeout 30;
# Config SSL
ssl_certificate /etc/nginx/ssl/nginx.crt;
ssl_certificate_key /etc/nginx/ssl/nginx.key;
ssl_session_timeout 5m;
ssl_session_cache shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
ssl_stapling on;
# Allow upload video up to 100M
client_max_body_size 100M;
location ~* /.*\.(xml)$ {
root /var/www/videos.techmaster.vn/public;
expires 7d;
}
location /stream/* {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:3334;
set $cors '';
if ($http_origin ~* (localhost|tech\.dev)) {
set $cors 'true';
}
if ($cors = 'true') {
add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Range';
}
}
location / {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:3333;
set $cors '';
if ($http_origin ~* (localhost|tech\.dev)) {
set $cors 'true';
}
if ($cors = 'true') {
add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Range';
}
}
}

I had got same issue while configuring AWS with node platform.
I used 3000 port to start the application.
When I changed my port to 8081 it worked.

Related

nginx reverse proxy: ERR_TOO_MANY_REDIRECTS but second site is working

i'm relatively new to linux. My server is running Ubuntu 22.04 and i got a little problem here in my nginx configuration. I set up a reverse proxy (nginx) in /etc/nginx/sites-enabled/reverse-proxy.conf and wrote this into the file:
server {
if ($host = domain.de) {
return 301 https://$host$request_uri;
}
listen 80;
server_name domain.de;
return 404;
}
server {
server_name domain.de;
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /etc/letsencrypt/live/domain.de/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/domain.de/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
proxy_buffering off;
server_tokens off;
location ^~ /swagger {
return 404;
}
location / {
root /var/www/html/domain.de;
try_files $uri $uri/ /index-one.html ;
proxy_pass http://127.0.1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_hide_header X-Powered-By;
proxy_set_header Range $http_range;
proxy_set_header If-Range $http_if_range;
# proxy_set_header X-Real-IP $http_CF_Connecting_IP;
add_header 'Referrer-Policy' 'origin-when-cross-origin';
add_header Strict-Transport-Security "max-age=15552000; preload" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
}
}
server {
if ($host = second.domain.de) {
return 301 https://$host$request_uri;
}
listen 80;
server_name second.domain.de;
return 404;
}
server {
server_name second.domain.de;
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /etc/letsencrypt/live/second.domain.de/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/second.domain.de/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
proxy_buffering off;
server_tokens off;
location ^~ /swagger {
return 404;
}
location / {
proxy_pass http://192.168.198.40:8096;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_hide_header X-Powered-By;
proxy_set_header Range $http_range;
proxy_set_header If-Range $http_if_range;
# proxy_set_header X-Real-IP $http_CF_Connecting_IP;
add_header 'Referrer-Policy' 'origin-when-cross-origin';
add_header Strict-Transport-Security "max-age=15552000; preload" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
}
}
The second domain is a streaming service called emby and it works, the first domain is a website i want to host and it is based in /var/www/html/domain.de. The directive /var/www/html/domain.de is owned by www-data.
This config gives me an ERR_TOO_MANY_REDIRECTS on domain.de but the second.domain.de is working fine. Why? What am i doing wrong here?
When i change the ip address in the first domain from 127.0.2.1 to 192.168.198.40 the same error occurs. When i add a port to the address like 127.0.2.1:8080; or 192.168.198.40:8080; i get a 502 Bad Gateway error message.
The second domain is working fine in all constellations but i can't get the first domain to work and i don't know how to fix this.
I hope anybody can help me out here. :)

nginx-quic(support http3) 0-rtt not work when use multi server blocks

To support http3, i build nginx-quic and configure multi server blocks for vhost, my nginx.conf enabled all importmant params but http3's early-data still don't take effect,nginx log contains: quic no early keys, ignoring packet while decrypting packet, unless set 'worker_processes' as only 1, i think the reason is 'ssl_session_cache shared:SSL:100m' didn't take effect, does anyone know? thanks
my nginx.conf key configurations are follows :
http {
log_format quic '$remote_addr - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent" "$http3"';
error_log /data/log/nginx_quic_error.log;
error_log /data/log/nginx_quic_error.log debug;
ssl_protocols TLSv1.3;
ssl_early_data on;
ssl_session_tickets on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
keepalive_timeout 65;
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
listen 443 http3 reuseport;
listen [::]:443 http3 reuseport;
server_name *.ap.staging-1-aws.xxx.com;
ssl_certificate /etc/agora/ap.staging-1-aws.xxx.com.crt;
ssl_certificate_key /etc/agora/ap.staging-1-aws.xxx.com.key;
location / {
proxy_pass http://127.0.0.1:1111;
proxy_redirect off;
proxy_set_header HOST $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Early-Data $ssl_early_data;
# cors
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Timing-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Methods' 'GET,POST,OPTIONS,PUT,DELETE' always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Headers' 'Origin,Content-Type,Accept,Authorization,X-Packet-Service-Type,X-Packet-URI,X-User-Address,XD-User-Address,X-Request-From,X-Response-Format' always;
add_header 'Access-Control-Max-Age' '1728000' always;
add_header X-XSS-Protection "1; mode=block";
add_header Alt-Svc 'h3=":443"; ma=2592000';
add_header x-quic 'h3';
return 200;
}
if ($request_method ~* '(GET|POST|DELETE|PUT)') {
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Timing-Allow-Origin' '*' always;
add_header X-XSS-Protection "1; mode=block";
add_header Alt-Svc 'h3=":443"; ma=2592000';
add_header x-quic 'h3';
}
}
server {
xxxxxxxxxxx
}
}

How to setup nginx for ipfs gateway?

I need to make ipfs http gateway through nginx with certbot installed together with redirecting websockets to port 9999, but I am unable to make it work as intended.
The code for running websocket service is on "location /" .
Code for ipfs gateway is at "location /ipfs" .
server {
location /ipfs {
proxy_pass http://0.0.0.0:9001;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
allow all;
}
location / {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_redirect http://0.0.0.0:9999/ /;
proxy_redirect ws://0.0.0.0:9999/ /;
proxy_pass http://0.0.0.0:9999/;
proxy_read_timeout 86400s;
proxy_send_timeout 86400s;
allow all; # Any IP can perform any other requests
proxy_set_header Connection "Upgrade";
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Cache-Control,Content-Type,Authorization';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'application/json charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}
if ($request_method = 'POST') {
# add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Content-Type,Authorization';
}
if ($request_method = 'GET') {
# add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
}
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/recall.network/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/recall.network/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = recall.network) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 default_server;
listen [::]:80 default_server;
server_name recall.network;
return 404; # managed by Certbot
}
My custom code:
location /ipfs {
proxy_pass http://0.0.0.0:9001;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
allow all;
}
do not work as intended
I would like to have an ipfs gateway accessible at https:recall.network/ipfs/HASH*
Resolution is to put correct prefix ^~ in location.
location ^~ /ipfs {
proxy_pass http://0.0.0.0:9001;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
allow all;
}

nginx proxy is not working using subdomain

i have two domains
alpha.mydomain.com and api-alpha.mydomain.com
I am trying to use nginx as a proxy
i am getting the error
Access to XMLHttpRequest at 'https://api-alpha.mydomain.com/dup-check'
from origin 'https://alpha.mydomain.com' has been blocked by CORS
policy: Response to preflight request doesn't pass access control
check: No 'Access-Control-Allow-Origin' header is present on the
requested resource.
i would think based on my setup , the request should not be using api-alpha.mydomain.com but 127.0.0.1 (and not getting the CORS error)
NOTE:: i am using cloudflare https so the console errors are https by cloudflare is the SSL and talking to port 80 to my nginx server
this is part of my nginx config
server {
listen 80;
server_name alpha.mydomain.com ;
access_log /var/log/nginx.access_log main;
root /home/mydomain/react-front/dist;
location / {
try_files $uri $uri/ /index.html;
}
}
server {
listen 80;
server_name api-alpha.mydomain.com ;
access_log /var/log/nginx-api-alpha-access.log main;
location /{
proxy_pass http://127.0.0.1:4001/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_ssl_session_reuse off;
proxy_set_header Host $http_host;
proxy_redirect off;
}
}
This is the entry from the nginx-api-alpha-access.log
"OPTIONS /dup-check HTTP/1.1" 502 750 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" "-"
This is the entry from /var/log/nginx/error.log
[error] 1280#1280: *12 connect() failed (111: Connection refused) while connecting to upstream, client: 172.xx.xxx.xxx, server: api-mydomain.trigfig.com, request: "OPTIONS /dup-check HTTP/1.1", upstream: "http://127.0.0.1:4001/dup-check", host: "api-alpha.mydomain.com"
Thanks, not sure what i am missing in my config
try change to
server {
listen 80;
server_name alpha.mydomain.com ;
access_log /var/log/nginx.access_log main;
root /home/mydomain/react-front/dist;
location / {
try_files $uri $uri/ /index.html;
}
}
server {
listen 80;
server_name api-alpha.mydomain.com ;
access_log /var/log/nginx-api-alpha-access.log main;
location /{
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE';
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain; charset=utf-8';
add_header 'Content-Length' 0;
return 204;
}
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE';
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization';
add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range,Authorization';
proxy_pass http://127.0.0.1:4001/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_ssl_session_reuse off;
proxy_set_header Host $http_host;
proxy_redirect off;
}
}

Nginx auth before return

Im using nginx with auth.
All auths works properly in the locations is set, but I have a location /marathon that return same url with other port. I have added auth to this location, but it does not work. I think is regarding to the return directive but I dont know why and how to handle it or solve it. I've been searching but I can't find nothing about this
Any ideas why or how to handle it?
user root;
worker_processes 4; # 2 per core
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
use epoll;
}
http {
upstream mypelotweb {
least_conn;
server myweb.marathon.mesos:8001;
server myweb.marathon.mesos:8002;
server myweb.marathon.mesos:8003;
server myweb.marathon.mesos:8004;
}
upstream mypelotwebsockets {
least_conn;
server myweb.marathon.mesos:8001;
server myweb.marathon.mesos:8002;
server myweb.marathon.mesos:8003;
server myweb.marathon.mesos:8004;
}
upstream wingmantracker {
least_conn;
server mywing-tracker.marathon.mesos:8011;
server mywing-tracker.marathon.mesos:8012;
}
upstream club {
server club.marathon.mesos:5000;
}
upstream soccerint {
server soccerint.marathon.mesos:5005;
}
upstream enet {
server enet-web.marathon.mesos:5003;
}
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format uri $request_uri;
access_log /var/log/nginx/access.log;
keepalive_timeout 65;
proxy_read_timeout 200;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
gzip on;
gzip_min_length 1000;
gzip_proxied any;
gzip_types text/plain text/html text/css text/xml
application/x-javascript application/xml
application/atom+xml text/javascript;
proxy_next_upstream error;
server {
server_name mytree.com;
listen 80;
error_log /var/log/nginx/errorhttp.log;
access_log /var/log/nginx/accesshttp.log;
return 301 https://$host$request_uri;
}
server {
server_name mytree.com;
listen 443;
error_log /var/log/nginx/errorhttps.log;
access_log /var/log/nginx/accesshttps.log uri;
ssl on;
ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
location / {
root /www/mytree;
auth_basic "Restricted Access";
auth_basic_user_file /etc/nginx/.htpasswd;
}
location /mypelot {
proxy_pass_header Server;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_pass http://mypelotweb;
proxy_set_header 'Access-Control-Allow-Origin' '*';
proxy_set_header 'Access-Control-Allow-Credentials' 'true';
proxy_set_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE';
}
location ~* ^/mypelot$ {
auth_basic "Restricted Access";
auth_basic_user_file /etc/nginx/.htpasswd;
proxy_pass_header Server;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_pass http://mypelotweb;
proxy_set_header 'Access-Control-Allow-Origin' '*';
proxy_set_header 'Access-Control-Allow-Credentials' 'true';
proxy_set_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE';
}
location /mypelot/ws {
proxy_pass http://mypelotwebsockets;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
location /wingmantracker {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://wingmantracker;
proxy_set_header 'Access-Control-Allow-Origin' '*';
proxy_set_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE';
}
location /club {
proxy_pass http://club;
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Authorization';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE';
}
location /soccerint {
proxy_pass http://soccerint;
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Authorization';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE';
}
location /enet {
proxy_pass http://enet;
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Authorization';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE';
}
location /mypelot-messenger {
return 301 http://mypelot-messenger.marathon.mesos:15672;
}
location /mesos {
return 301 http://mytree.com:5050;
}
location /marathon {
auth_basic "Restricted Access";
auth_basic_user_file /etc/nginx/.htpasswd;
return http://mytree.com:8080;
}
location /jenkins {
return 301 http://myserver.ovh.net:8082;
}
location /jira {
return 301 https://mymymy.atlassian.net;
}
location /bitbucket {
return 301 https://bitbucket.org/statistics/;
}
location /confluence {
return 301 https://stats.atlassian.net/wiki/;
}
}
}

Resources