nginx reverse_proxy with axis camera - default rewrite not working

nginx reverse_proxy with axis camera - default rewrite not working - nginx

I've got an AXIS camera sitting behind my firewall.
If you cURL to the camera's IP, it wants to redirect you to /view/index.shtml via a meta refresh.
I'm trying to access the camera via webserver-IP/camera. My nginx config is simple - it looks like this:
location /camera {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_pass http://192.168.0.205:80/;
proxy_redirect default;
}
This however is not working - the redirect isn't happening. When I access webserver-IP/camera, it redirects me to webserver-IP/view instead of webserver-IP/camera/view.
Any ideas?
Thanks!

Try replacing your proxy_redirect with this line
proxy_redirect http://192.168.0.205:80/; http://192.168.0.205:80/camera/;
I don't know what your Location header says exactly, but you should get the idea, replace the IP with a hostname or whatever the redirect is trying to take you, you're simply telling nginx to append /camera to whatever redirect the website asks you to do

The problem is that the html, js, and css returned by the axis camera all assumes that you are accessing it from a URL like http://192.168.0.205/ (Just the scheme and host, no additional /camera/ path)
If you look at the html you'll see stuff like:
<script src="/incl/prototypes.js?ver=5.80.1" language="javascript" type="text/javascript"></script>
In short, you need to re-write the content you are serving to reflect the new URL you'll be requesting it from: http://192.168.0.205/camera/
You can do that using a sub filter:
location /camera {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_pass http://192.168.0.205:80/;
proxy_redirect default;
# nevuh fuhget where you from
sub_filter_once off;
sub_filter_types *;
sub_filter '"/' '"/camera/';
sub_filter '=/' '=/camera/';
}
Depending on your camera, you may have to play around with and add more sub_filter lines to catch all of the places where the base path is incorrectly pointing to /. Also, this is basically parsing html/js/cs with REGEX so beware.

Related

Nginx location to FLASK route

I have 2 docker containers running. 1 is FLASK and 2 is Nginx.
This is the configuration of the Nginx location
location /search/?(.*) {
proxy_pass http://backend:8080/search/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass_request_headers on;
}
The FLASK is running on port 8080 and the route #app.route('/search', methods=['GET']) and running with app.config['SERVER_NAME'] = 'mydomain.com'
When I try to send a GET request to "mydomain.com" (going through the NGINX) from external I get
Cannot GET /search
When I remove app.config['SERVER_NAME'] = 'mydomain.com' from the FLASK I can send GET to EXTERNAL_IP:8080 (Directly to the backend not though the NGINX).
But when I leave the app.config['SERVER_NAME'] = 'mydomain.com' and try to GET mydomain.com:8080 I get 404 Not Found
What am I missing here?
I want all requests to go though the NGINX and I want to use mydomain.com

I think your main mistake is that you trying to match the whole request URI including the query part while location directive (as well as the rewrite one) works with the normalized URI which doesn't include the query part at all (check the location directive documentation to find out what URI normalization is). Looks like you are also trying to use a regex while regex location should be declared using a ~ (or ~*) modifier. Nevertheless you don't need any regex locations at all for your particular case. To proxy a single API endpoint preservig the Host HTTP header value, you can try this one:
location = /search {
proxy_pass http://backend:8080;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
You don't need to specify an URI with the proxy_pass directive since you are not changing your request URI. If your API endpoint is /search/ rather than /search, change the location accordingly. If it is an URI path prefix rather than a single API endpoint, use a prefix location /search/ { ... } instead of exact match location.

How to configure Nginx so the proxy_pass also aply to in-site requests?

So let me introduce you to my context: I have a several containers deployed and I'd like to use nginx as reverse proxy so I can target my other containers (which are API's) through something like this: https://example.mysite.com/services/whatever_the_api.
I managed to get to a point where the proxy_pass works like a charm but now I have a problem: when my API admin page loads, it tries to find the assets like this : https://example.mysite.com/assets/... ditching the /services/api/ part.
Here is my /etc/nginx/config.d/sample.conf file :
server {
listen myhost:80;
server_name myhost;
location ^~ /services/apiName/ {
proxy_pass http://myapp:1338/;
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
If anyone knows what is the configuration material I'm missing, I'll be grateful to hear about it.

How to enforce a rewrite or redirect for an nginx reverse proxyed location

I am trying to use Nginx to reverse proxy a node.js app on a sub-directory of my main website which is also reversed proxied.
The / reverse proxy works as expected however the second location does not load any assets...
I am using the below config:
location / {
proxy_pass http://192.168.1.104:3000/;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /new/ {
proxy_pass http://192.168.1.65:3000/;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
This works in as much as when I go to the ./new url I can see the default page of the node.js app but no images, css or js assets are loaded.
When I check the browser console I can see loading errors that show that the browser is trying to load the assets from the / location...
Also the links shown on the page loaded at ./new also point to the / location so they also do not work...
I have been trying to work out how to resolve this for days and have seen that rewrite or return commands in the nginx.conf file can be used to redirect the browser but none of these seem to work to correct my issue... or I may be mis-understanding how to use them as I see a 'too many redirects' error page when trying to load from the ./new url...
I would really appreciate any pointers on how I can resolve this.
Thanks.

You need to modify your app to prepend its root path to urls, nginx does not alter proxied content.

nginx reverse proxy and paths

This is the issue I'm having with this application that we cannot modify:
Example:
I'm trying to set this app so that it goes to:
reverseproxy.com/app1/ which should redirect to:
reverseproxy.com/app1/index.html
However, when the app does a redirect it goes
reverseproxy.com/index.html which throws a 404. (note its missing "app1" in the path)
I've been having a hard time finding a clear answer on this. I assume that it must be something I am missing, here is my current conf:
location /app1 {
proxy_pass https://applicationserver.com/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
Any help would be appreciated.
Thanks
Jon

simple nginx reverse proxy seems to strip some headers

I am a beginner at nginx. I have a simple webserver on 8080 that I want to pass all traffic to in this rather small environment. My proxy seems to work except that a custom header is not there when it gets to my upstream server. The server block is below. What would I need to add to this to keep my custom header? In this case the custom header was set in angularjs but I don't think that has anything to do with it as it works fine going directly to 8080 on the server. ($httpProvider.defaults.headers.common['GH_client'] = client_id();)
server {
server_name localhost;
location / {
proxy_pass http://localhost:8080;
proxy_redirect off;
proxy_pass_header X-CSRF-TOKEN;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
}}
Thanks for any help.

Your header contains underscore (_). By default, nginx treats headers with an underscore as invalid and drops them.
You should enable underscores_in_headers directive.
Otherwise, consider changing the header name to one without underscores. GH-client will be perfectly valid and proxied to your backend server.

Develop Reference

r css asp.net wordpress firebase qt symfony nginx http apache-flex