I want to achieve the following:
Request Host:
http://example.com.proxy.myserver.com
Should be rewritten to
http://example.com
and passed to a squid server via nginx proxypass.
server {
listen 80;
server_name ~^(?<subdub>.*)\.proxy\.myserver\.com$;
location / {
rewrite ^ $scheme://$subdub break;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $scheme://$subdub;
proxy_set_header Request-URI $scheme://$subdub;
proxy_pass http://localhost:3128;
proxy_redirect off;
}
}
The problem is, that nginx redirects this request immediately to http://example.com
Any ideas how to get this working?
301 redirect is exactly what nginx shall do with that rewrite rule: because you put $scheme://$subdub at the replacement part, nginx will do a 301, ignoring that "break" flag.
If the replacement string begins with http:// then the client will be redirected, and any further rewrite directives are terminated.
Are you trying to "rewrite" or "redirect"? If it's just for rewrite, you can remove that rewrite directive:
rewrite ^ $scheme://$subdub break;
and it will work because your upstream server could rely on the HOST header to determine the traffic target (virtual hosting).
Also your host header sent to the upstream server is wrong. It should be
proxy_set_header Host $subdub;
$scheme should not be put in the Host header.
Related
How to enable Nginx redirect subfoler to another port using original port? e.g.,
Service1: http://127.0.0.1:5000
Service2: http://127.0.0.1:8080
Exposed IP port via Nginx is 127.0.0.1:6060
The goal is when accessing http://127.0.0.1:6060/sub, it will access http://127.0.0.1:8080, but the URL user see is still http://127.0.0.1:6060/sub.
I tried two configurations, but they didn't work.
server {
listen 6060;
server_name 127.0.0.1;
location /sub/ {
# method 1: use proxy pass, browser says "static resources not found"
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host:6060;
proxy_pass http://127.0.0.1:8080;
# method 2: use rewrite, the URL will be http://127.0.0.1:8080
rewrite ^/pct/(.*)$ http://127.0.0.1:8080 redirect;
}
location / {
proxy_pass http://127.0.0.1:5000;
}
Thanks.
I am having difficulty rewriting url and reverse proxy the request to a spring boot app. Rewrite works but i am losing port number and cause of that it is not working. For example
localhost:80/order.pl converts into localhost/home. The port gets lost and app is not receiving the request
Similar examples online don't work.
server
{
listen 80;
server_name localhost;
set $upstream localhost:8050;
location ~"^\/order.pl$"
{
rewrite "^\/order.pl$ "/home" permanent;
}
location /
{
proxy_set_header X - Forwarded - For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_set_header X - Real - IP $remote_addr;
proxy_buffering off;
proxy_connect_timeout 30;
proxy_send_timeout 30;
proxy_read_timeout 30;
proxy_pass http: //$upstream;
}
}
If I don't do rewrite, reverse proxy is working but with rewrite I am losing port number. Any info would be appreciated.
Thanks
Nginx would not normally specify the port as part of an external redirect if the port number is the same as the default port for the scheme. Port 80 for http and port 443 for https.
You can specify the port explicitly in the rewrite statement.
For example:
location = /order.pl {
return 301 $scheme://$host:$server_port/home;
}
Note: I used curl to test this, as the browser dropped the port from the address-bar for exactly the same reasons.
I had a proxy server which redirects communications to some api on customer side via https. When I use configuration with set upstream variable (proxy_pass $upstream_endpoint$request_uri;), the DNS resolving for this domain (dynamic changing IP adress) is working well but I get response 403 unauthorized.
When I use configuration without upstream (proxy_pass https://api-test.example.com/api/), point directly to customer domain it works well, I am getting response 200 but DNS resolver is not working anymore..
Nginx config:
location /api-test.example.com/api/ {
resolver 10.100.10.1 valid=5s;
set $upstream_endpoint https://api-test.example.com;
proxy_pass $upstream_endpoint$request_uri;
#proxy_pass https://api-test.example.com/api/;
proxy_ssl_name api-test.example.com;
proxy_ssl_server_name on;
proxy_set_header Host api-test.example.com;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
By adding a URI to the proxy_pass statement, the requested URI is rewritten before passing it upstream. See this docuement for details.
So the URI /api-test.example.com/api/foo is rewritten to /api/foo.
You can achieve the same behaviour with a rewrite...break statement. See this document for details.
location /api-test.example.com/api/ {
rewrite ^/api-test.example.com(.*)$ $1 break;
set $upstream_endpoint https://api-test.example.com;
proxy_pass $upstream_endpoint;
...
}
I'm setting up a web/app/db stack, and the nginx proxy configuration isn't working the way I thought it would.
so here is an example of the stack...the url of the application is:
https://testapp.com
here is the nginx config:
server {
listen 8886;
server_name _;
root /usr/share/nginx/html;
include /etc/nginx/default.d/*.conf;
#ELB
if ($http_user_agent = 'ELB-HealthChecker/2.0') {
return 200 working;
}
#HTTP to HTTPS
if ($http_x_forwarded_proto != 'https') {
return 301 https://$host$request_uri;
}
location / {
set $proxy_upstream_name "testapp.com";
port_in_redirect off;
proxy_pass http://internal-alb.amazonaws.com:8083/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header Access-Control-Allow-Origin $http_origin;}
The app is proxied to an internal AWS alb, and it forwards it to a single (at this point) application server.
I'm able to get the site to serve. However, the application creates a redirect on login, and I get the following response.
Request URL:https://testapp.com/login
Request Method:POST
Status Code:302
Remote Address:34.192.444.29:443
Referrer Policy:no-referrer-when-downgrade
Response Headers
content-language:en-US
content-length:0
date:Mon, 11 Sep 2017 18:35:34 GMT
location:http://testapp.com:8083/testCode
server:openresty/1.11.2.5
status:302
The redirect fails because it's being served on 443, not 8083.
For some reason the app or the proxy isn't updating the port as it doing it's reverse proxy thing, so that the redirect has the proxied port NOT the actual application port 443.
What do I need to do with nginx config to get it to redirect correctly.
thanks.
myles.
The normal behaviour of the nginx is to rewrite the upstream address to the address the page was served from. It looks like instead of using your upstream address (http://internal-alb.amazonaws.com:8083/), your app is responding using a mixture of the two (http://testapp.com:8083). You can either change the app behaviour, or, to fix it at the nginx level, can use the proxy_redirect directive.
I'm reasonably sure the directive to fix this is proxy_redirect http://testapp.com:8083/ https://testapp.com/;
I'm trying to run a squid server behind nginx.
I configured nginx like this:
server {
listen 8080;
location / {
proxy_pass http://localhost:3128;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
}
Then I set my http network proxy to:
my-nginx-server-address:8080
So when I try to view the Google homepage, the nginx will get the request:
Get http://www.google.com/ HTTP/1.1
However when nginx pass the request to squid it will change the request_uri to
/
So squid won't work.
Is there any way I can set the request_uri back to http://www.google.com then pass it to squid? Or any other ways I can run squid behind nginx?
Try proxy_set_header Request-URI $request_uri;
In reply to your comment, you may also prefer to add:
upstream _squid {
server localhost:3128;
}
server {
...
proxy_pass http://_squid/$host$uri;
}