Rails 3.2 Nginx Unicorn Basic Authentification - nginx

I am trying to get Basic Authentification to work with Rails 3.2 nginx and Unicorn
The configuration works for hosting my site. I used the Rails Basic Authentification in the Controller but i have to many problems while testing. The .htpasswd file is also working i could restrict the access to a static site.
In the location config i tried
location /
location /home/deployer/apps/rails/current/public
location /home/deployer/apps/rails/current/
Any ideas?
This is my config:
upstream unicorn {
server unix:/tmp/unicorn.blog.sock fail_timeout=0;
}
server {
listen 80 default deferred;
server_name railsserver;
root /home/deployer/apps/rails/current/public;
location / {
auth_basic "Restricted";
auth_basic_user_file /var/www/prototyp/.htpasswd;
}
location ^~ /assets/ {
gzip_static on;
expires max;
add_header Cache-Control public;
}
try_files $uri/index.html $uri #unicorn;
location #unicorn {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://unicorn;
}
error_page 500 502 503 504 /500.html;
client_max_body_size 4G;
keepalive_timeout 10;
}
I tried it with this config now but it does not work
server {
listen 80 default deferred;
server_name rails.com;
root /home/deployer/apps/rails/current/public;
location ^~ /assets/ {
gzip_static on;
expires max;
add_header Cache-Control public;
}
try_files $uri/index.html $uri /;
location / {
auth_basic "Restricted";
auth_basic_user_file /var/www/prototyp/.htpasswd;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://unicorn;
}
error_page 500 502 503 504 /500.html;
client_max_body_size 4G;
keepalive_timeout 10;
}

Do it like this to get it to work:
location / {
auth_basic "Restricted";
auth_basic_user_file /var/www/prototyp/.htpasswd;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://unicorn;
}
You don't need the #unicorn location

Related

Nginx reverse proxy returns 404 on static files

Basically I have two local application hosted on 2 different local port.
I'm trying to access http://localhost/admin which is serve via reverse_proxy but I got http://localhost/admin/main.css net::ERR_ABORTED 404 (Not Found).
Ive also tried below (without slash) but I still got the same error.
location /admin{
proxy_pass http://127.0.0.1:8090
....
}
app1.conf
server{
listen 80;
listen [::]:80;
root /var/www/first_app/dist;
index index.html;
access_log /var/log/nginx/first_app.access.log;
error_log /var/log/nginx/first_app.error.log;
location / {
try_files $uri $uri/ /index.html =404;
}
location /admin/{
proxy_pass http://127.0.0.1:8090/
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Scheme $scheme;
client_max_body_size 0;
}
location ~* .(ico|jpg|png|gif|jpeg|css|swf|js|woff)$ {
access_log off;
gzip_static on;
gzip_comp_level 5;
expires 1M;
#add_header Cache-Control private;
add_header Cache-Control public;
}
}
app2.conf
server{
listen 8090;
listen [::]:8090;
root /var/www/second_app/dist;
location /{
try_files $uri /index.html;
}
}
It would be great if someone can explain to me what I'd miss? Thanks much.

Rewrite nginx url

I am facing problem with rewriting url in nginx.
The issue is if the url contains domain/.well-known/acme-challenge/ it should be replaced by domain/folder/.well-known/acme-challenge.
How can I rewrite nginx for this so that it points to proper location.
The request for the nginx configuration works with this url:
domain/folder/.well-known/acme-challenge
but I want it to redirect when it finds something like
domain/.well-known/acme-challenge/
Here is my nginx conf:-
#upstream jboss {
# server domain:8080;
#}
server {
listen ip:80;
server_name domain;
access_log /var/log/nginx/domian_access.log;
error_log /var/log/nginx/domain_error.log warn;
# location ~* .(jpg|jpeg|png|gif|ico|css|js)$ {
# expires 365d;
#}
location /folder/ {
# ModSecurityEnabled on;
# ModSecurityConfig modsecurity.conf;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# proxy_set_header X-Forwarded-Host $host;
# proxy_set_header X-Forwarded-Server $host;
proxy_pass http://ip:8080/folder/;
proxy_connect_timeout 6000;
proxy_send_timeout 6000;
proxy_read_timeout 6000;
send_timeout 6000;
index Main.jsp index.html;
}
#index index.html ;
# try_files $uri $uri/ =404;
#error_page 500 502 503 504 /50x.html;
#location = /50x.html {
# root html;
#}
I don't think you need to rewrite the url, but to send the url to the correct folder.
.well-known/acme-challenge is known to be a challenge for ssl certificates that are made automatically (lets'encrypt), so simply set the alias to the folder where your bot writes the "challenge" and you are good to go.
location /.well-known/acme-challenge {
auth_basic off;
alias /directory/to/challenge;
default_type text/plain;
}
That way it will "accept" and respond the challenge correctly
Even if you keep wanting to rewrite it, set a redirec to to domain/folder/$request_uri line:
location /.well-known/acme-challenge {
return 301 http://$host/folder/$request_uri;
}

nginx serve from static if not found try reverse proxy

I have an application which is developed using angularjs and the entire application loads when the dist/ folder is accessed.
What am trying todo is, that when page is not found on angularjs, to try on a reverse proxy, I tried to do the below setup but nginx does not allow setting up the same location twice in single block
server {
listen 80;
server_name example.com;
keepalive_timeout 60;
client_max_body_size 10M;
root /var/lib/www/dist;
charset utf-8;
location / {
expires -1;
add_header Pragma "no-cache";
add_header Cache-Control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0";
root /var/lib/www/dist;
try_files $uri $uri/ /index.html =404;
}
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_buffering off;
proxy_http_version 1.1;
proxy_set_header Connection "";
if (!-f $request_filename) {
proxy_pass http://app_root;
break;
}
}
error_page 500 502 503 504 /500.html;
location = /500.html {
root /var/lib/app/etc/templates;
}
}
so basically, if the URL 404'ed on angularjs I want it to try and pass it to proxy_pass http://app_root; any one can advise on how to achieve this setup?
Thanks,
UPDATE
So am trying approach proposed by "Mohammad AbuShady", and updated my nginx settings to following, but still not working, instead it tries to find the page in the AngularJS app and not move to the #proxy up_stream setup
upstream app_root {
server unix:/tmp/app_root.sock fail_timeout=0;
}
server {
listen 80;
server_name example.com;
keepalive_timeout 60;
client_max_body_size 10M;
root /var/lib/www/dist;
charset utf-8;
location / {
expires -1;
add_header Pragma "no-cache";
add_header Cache-Control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0";
root /var/lib/www/dist;
try_files $uri$args $uri$args/ $uri/ /index.html #proxy;
}
location #proxy {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_buffering off;
if (!-f $request_filename) {
proxy_pass http://app_root;
break;
}
}
error_page 500 502 503 504 /500.html;
location = /500.html {
root /var/lib/app/etc/templates;
}
}
You're over thinking it, a single location can handle it and then give it a fallback
location / {
# omitted extra settings
# check notes below
try_files $uri #proxy;
}
location #proxy {
# omitted proxy settings
proxy_pass http://app_root;
}
Notes:
No need for a second root inside location, it's already defined in
server block
I've removed $uri/ because you don't have index in your server.
I also removed /index.html, if you do want to use it then you might want to define it as index in the server block and put the $uri/ back
server {
index index.html;
location / {
try_files $uri $uri/ #proxy;
}
}
I have no idea where app_root is, but I'm assuming it's an upstream defined somewhere else.
Try this Mo:
server {
listen 80;
server_name example.com;
keepalive_timeout 60;
client_max_body_size 10M;
root /var/lib/www/dist;
charset utf-8;
location / {
expires -1;
add_header Pragma "no-cache";
add_header Cache-Control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0";
root /var/lib/www/dist;
try_files $uri $uri/ /index.html =404;
error_page 404 = #404;
}
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_buffering off;
proxy_http_version 1.1;
proxy_set_header Connection "";
if (!-f $request_filename) {
proxy_pass http://app_root;
break;
}
}
location #404 {
proxy_pass http://app_root;
}
error_page 500 502 503 504 /500.html;
location = /500.html {
root /var/lib/app/etc/templates;
}
}

Nginx is not serving updated files

I have configured nginx in production to server our website app, it was working fine till today. Last update I pushed was one month back, today I pushed updated code and restarted nginx but nginx is still serving old file not the updated files.
Configuration from nginx.conf
user root;
worker_processes 4;
pid /run/nginx.pid;
events {
worker_connections 768;
# multi_accept on;
}
http{
sendfile off;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
expires off;
open_file_cache off;
gzip on;
gzip_disable "msie6";
server{
listen 80;
server_name ****.****.com;
root /etc/nginx/www/app/public/;
include www/app/proxy.conf;
}
include www/app/staticserver.conf;
}
proxy.conf
location /api/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://10.0.3.2:3003;
proxy_redirect off;
access_log app;
}
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://10.0.3.2:3003;
proxy_redirect off;
access_log app;
}
location /socket.io/ {
proxy_pass http://10.0.3.2:3003;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
#js and html
location ~* ^.+\.(js)$ {
proxy_pass http://10.0.3.2:8197;
}
#css and image and Fonts.. etc..
location ~* ^.+\.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|pdf|txt|tar|wav|bmp|rtf|flv|swf|woff|eot|ttf|svg|html|htm|less)$ {
proxy_pass http://10.0.3.2:8198;
}
staticserver.conf
#For serve java script files
server {
listen 8197;
server_name 10.0.3.2;
location / {
root /etc/nginx/www/app/public;
access_log app_js;
}
#error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
#For serve css | less | images |fonts..
server {
listen 8198;
server_name 10.0.3.2;
location / {
root /etc/nginx/www/app/public/;
access_log app_others;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
set sendfile off; is not working for me, any other configuration should I do to stop nginx serve old files.
I tried clear browser cache as well but no use.

configure subdomain nginx with unicorn

I am using nginx + unicorn in linode.
This is my nginx.conf
upstream unicorn {
server unix:/tmp/unicorn.mydomain.sock fail_timeout=0;
}
server {
listen 80 default;
server_name mydomain.com;
keepalive_timeout 5;
root /home/hyperrjas/mydomain.com/current/public;
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# this is required for HTTPS:
# proxy_set_header X-Forwarded-Proto https;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://unicorn;
}
location ~ ^/(assets)/ {
root /home/hyperrjas/mydomain.com/current/public;
gzip_static on; # to serve pre-gzipped version
expires max;
add_header Cache-Control public;
}
error_page 500 502 503 504 /500.html;
}
I want to add 4 subdomains:
imagescdn1.mydomain.com
imagescdn2.mydomain.com
imagescdn3.mydomain.com
imagescdn4.mydomain.com
How can I do it?
You should use regex for server_name directive, i.e. something like this:
server {
server_name mydomain.com ~^imagescdn\d+\.mydomain\.com$;
}
Refer to original documentation here and here for more information.

Resources