Proxy all subdomain to other domain path - nginx

How to proxy all subdomain to other domain path?
For example
SUBDOMAIN.abcxyz123.com
To be proxied to
myapp.otherdomain.com/SUBDOMAIN
Making sure that all header/path and query parameters in the request is kept.
Update:
I've tried and have a working config but still not the one I need:
server {
listen 80;
server_name ~^(?<subdomain>.+)\.abcxyz123\.com$;
location / {
proxy_set_header Host "myapp.otherdomain.com";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
# this worked:
proxy_pass http://myapp.otherdomain.com/somepath/;
# this does not work:
#proxy_pass http://myapp.otherdomain.com/$subdomain$request_uri;
}
}

Try this
server {
server_name ~^(?<subdomain>.*)\.abcxyz123\.com$;
resolver 8.8.8.8;
rewrite ^/(.*)$ /$subdomain/$1;
location / {
proxy_set_header Host "myapp.otherdomain.com";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_pass http://myapp.otherdomain.com;
}
}
This should proxy all your traffic with original query parameters(query strings, request body, request method, etc), I changed the host header to the proxied "myapp.otherdomain.com" incase the server of 'myapp.otherdomain.com' has more than one virtual hosts. If you don't want the change, use $host instead.
This answer might need another edit since your question isn't very clear. If you have further question, comment and i will edit in my answer.

Related

Dynamic proxy_pass in nginx with ports like gitpod

How set dynamic proxy_pass in nginx like gitpod.com:
I already have a wildcard certificate
For example, in Gitpod you have a VM and if you start a port like 8081, your URL is:
https://8081-some-uuid.ws-us02.gitpod.io/
Following this order of ideas, I would like to configure something like
8082.example.com -> http://localhost:8082
8081.example.com -> http://localhost:8081
8080.example.com -> http://localhost:8080
site-enabled/example-com.config
server {
server_name *.example.com;
listen 80;
location / {
// how config this??
proxy_pass http://localhost:(¿dynamic port?);
proxy_set_header Connection 'upgrade';
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
}
}
Instead of using a wildcard name with server_name, you could use a regular expression to capture the subdomain part of the request. See this document for details.
For example:
server_name "~^(?<subdomain>[0-9]{4})\.example\.com$";
proxy_pass http://localhost:$subdomain;

Nginx - how to change request header Referer

new to NGINX.
Currently running a local reverse proxy using Nginx.
Just wondering how I can change the Referer in the request header from http://localhost:8080 to say a different server_name like me.example.com
Finding it difficult to find clear documentation on this subject.
have tried setting this value using:
proxy_set_header Referer "me.example.com";
Doesn't seem to do anything.
Any help on this greatly appreciated.
server {
listen 8080;
server_name localhost;
# test APi
location /test/api {
# Edit this line only:
proxy_pass https://test.com/test/api;
proxy_set_header Host $http_host;
break;
}
location / {
proxy_pass http://localhost:4567;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_set_header Referer "me.example.com";
}
}
The proxy_set_header directive sends headers to the backend. If you want nginx to return headers to the client, then the add_header directive is what you're looking for.
http://nginx.org/en/docs/http/ngx_http_headers_module.html#add_header

Nginx Passing to Servers Based on URI

I have been setting up Nginx on my router, and creating subdomains (with CNAMES) to access various components within my network. It has mostly been fairly easy, until I have come to the cameras which are proving to be a problem.
They are basic IP cameras and to date I had opened each one on a different port. They have basic authentication, and once that has been entered I am presented with a live view.
Like all the other components I have set up so far (and they all work) I started by configuring one:
server {
listen 80;
server_name cam.example.co.uk;
location / {
proxy_pass http://192.168.1.101:2001;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
Hitting cam.example.co.uk from either LAN or WAN gives me a username and password prompt and then the live view loads.
Since there are 9 cameras, I thought it would be a good idea to use /1, /2, /3 etc. at the end to direct me to each one rather can creating subdomains.
server {
listen 80;
server_name cam.example.co.uk;
location /1/ {
proxy_pass http://192.168.1.101:2001;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /2/ {
proxy_pass http://192.168.1.102:2002;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
With that I got 404 not found errors, and messages in the logs such as:
"/usr/html/new/index.htm" failed (2: No such file or directory)
Some Googling later I found out that I may need to specify the URI as well in the proxy_pass line, so I changed them to look like:
proxy_pass http://192.168.1.102:2002/new/index.htm;
This then results in the username and password prompt, but when the credentials are entered, all I am left with is a blank screen. It worked fine when it was just location / so no idea why nothing is showing now.
I have a feeling that it is putting the URI in somewhere, but I have no idea where/why or what to do about it.
EDIT
Been Googling and trying various things:
location /1 {
resolver 127.0.0.1;
set $backend "http://192.168.1.101:2001/new/index.htm";
proxy_pass $backend;
proxy_buffering on;
proxy_redirect http://192.168.1.101:2001/new/index.htm http://cam.example.co.uk/1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
Then going to this in the browser cams.example.co.uk/1 brings up the username and password prompt, but then displays a blank page. Looking at the Chrome developer tools I can see unexpected token errors, and it looks like it isn't loading the .js files properly.
If the proxy_pass directive is specified with a URI, then when a request is passed to the server, the part of a normalized request URI matching the location is replaced by a URI specified in the directive.
Try this:
server {
listen 80;
server_name cam.example.co.uk;
location /1/ {
proxy_pass http://192.168.1.101:2001/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_redirect http://192.168.1.101:2001/ http://cam.example.co.uk/1/;
}
location /2/ {
proxy_pass http://192.168.1.102:2002/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_redirect http://192.168.1.101:2002/ http://cam.example.co.uk/2/;
}
}
Source: http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_pass

Nginx rule to redirect specific https link only

I have configured nginx as reverse proxy tool. I have come across a problem which I have not been able to deal with. Following are the rules I have set in my .conf file.
server {
listen 80;
server_name rp.mydomain.com;
return 301 https://$host/myapp1/;
location / {
proxy_pass <local ip address>;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Proto https;
proxy_redirect http://$host https://$host;
proxy_set_header Host $host;
}
}
server {
listen 443 ssl;
server_name rp.mydomain.com;
location / {
proxy_pass <local ip address>;
proxy_redirect http:// https://;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Host $host;
proxy_ssl_session_reuse on;
}
}
My application resides on /myapp1/ . The reason why I am not writing /myapp1/ in the proxy_pass [I tried] is because the redirection is not working properly WHEN I try to login on the page. I get the error page not found.
But after this rule in listen 80 block, return 301 https://$host/myapp1/; its working like charm, but only if I go open the http page.
When I open the link, rp.mydomain.com. The redirection is working perfectly and the application works fine too. The http request is redirected to https and I can log in through my app.
But, when I go through https://rp.mydomain.com, I end up at the blank page of <local ip address>, because of the proxy_pass rule in listen 443.
My requirement is whenever the specific request of the page is generated, which is, https://rp.mydomain.com, its redirected to https://rp.mydomain.com/myapp1/ (like when it does when the user accesses the page through http://rp.mydomain.com) but the other requests, like https://rp.mydomain.com/myapp1/ or https://rp.mydomain.com/myapp1/profile [etc etc] are not affected.
Just one specific page https://rp.mydomain.com gets redirected automatically.
Is it possible to do so? Please help me in this issue.
Thank you.
Try:
server {
listen 80;
server_name rp.mydomain.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name rp.mydomain.com;
location = / {
rewrite ^ /myapp1/ last;
}
location / {
proxy_pass <local ip address>;
proxy_redirect http:// https://;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Host $host;
proxy_ssl_session_reuse on;
}
}
The location = / block has been added to create the mapping from / to /myapp1/. To change the URL in the browser, use permanent instead of last. See this document for details.
You will need to add additional proxy_redirect statements to prevent your local ip address leaking out when the application performs a redirect. See this document for details.
It is assumed that your SSL certificates are defined in an outer block and inherited.

nginx rewrite rule for redirection

I have two apps running on host1:7000 and host2:7000. I am fronting the two hosts by an nginx reverse proxy, where I want mydomain.com/admin to point to host1:7000/portal and mydomain.com/user to host2:7000/portal.
I have written the following config
listen 80;
server_name mydomain.com *.mydomain.com;
location ~ ^/admin/(.*)$ {
proxy_pass $scheme://<IP-ADDRESS>/$1;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
}
I can get to mydomain.com/admin to be redirected to host1:7000/portal but when the app redirects from host1:7000/portal on to host1:7000/login via relative path, in the browser I see mydomain.com/login. What do I need to do to get the second redirect go mydomain/admin/login?
Why do people use regexps for no reason and have all kind of problems with it?…
location /admin/ {
proxy_pass http://host1:7000/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
}
This will automatically strip /admin/ from proxied request and prepend it in Location header (which is used in redirect).
See proxy_pass and proxy_redirect docs.

Resources