I've been setting up Nginx as a reverse proxy for an app on the server. Part of this includes a maintenance page that has external content (like images). I was able to find a method for setting up an error page with images returning 200, but it looks like a reverse proxy will change the whole environment. Here's the original solution from nginx maintenance page with content issue
error_page 503 #maintenance;
location #maintenance {
root /path_to_static_root;
if (!-f $request_filename) {
rewrite ^(.*)$ /rest_of_path/maintenance.html break;
}
return 200;
}
The Reverse Proxy is configured as:
location / {
proxy_pass http://127.0.0.1:9007/;
proxy_redirect off;
}
The Problem is that when a file is found to exist in the "maintenance" root, something goes wrong and the server returns a 502. Anyone know what the cause could be?
Some speculation I'm wondering if server listens on port 80, it somehow passes any good file request back into the proxy. If that were true, how would that be avoided?
Edit
Here's the error in the nginx log. I am directly trying to access 50x.html. Not sure why this would occur?
2012/02/17 19:39:15 [error] 21394#0: *13 connect() failed (111: Connection refused) while connecting to upstream, client: (my ip address), server: _, request: "GET /50x.html HTTP/1.1", upstream: "http://127.0.0.1:9007/50x.html", host: "domain.com"
It looks like it is indeed trying to GET from the app and not the root. How can I bypass this?
Edit 2
I originally thought I had found an answer where a change was made for nginx v1.0.12 but it did not solve the problem. It involved a similar situation but my guess is the fix was too specific.
You shouldn't need to involve the backend (I.E., shouldn't use proxy pass) since your maintenance page should be a static html file that Nginx can serve directly.
Assuming you have a setup configured as ...
server {
listen 80;
server_name example.com;
root /path/to/webroot;
# Regular locations etc
...
}
Create a folder called "503_status" and put your maintenance page in there as "503.html".
With that in place, create a file called "maintenance.default" under the Nginx directory with the following content ...
error_page 503 /503_status/503.html;
# Candidate for redirection if not ending with one of these extensions.
if ( $request_uri !~ \.(jpg|gif|png|css|js)$ ) {
set $maint "Tr";
}
# Candidate for redirection if not a request for the maintenance page
if ( $request_uri !~ ^/maintenance/$ ) {
set $maint "${maint}ue";
}
# Redirect to a location where the status code will be issued
if ( $maint = True ) {
rewrite ^ /maintenance/ redirect;
}
# Due to Nginx quirk, issue the status code in a location context.
# Make "internal" to prevent direct browsing.
location /maintenance {
internal;
return 503;
}
# 503_status folder as "internal" so no direct browsing
location 503_status {
internal;
alias /server/path/to/503_status/folder;
}
Whenever you put to put the site into maintenance, just include the file as follows ...
server {
listen 80;
server_name example.com;
root /path/to/webroot;
include /server/path/to/maintenance.default;
# Regular locations etc
...
}
This will serve your maintenance page as well as any resources it needs (just make sure extension is in the list). The backend server does not come into play at all.
Related
I'm very new to nginx and I was tasked with building a reverse proxy with a few services. So far so good, but my next assignment was for the reverse proxy to have a setting for an that we have on 192.168.0.16/app to be accesible from app.domain.com.
The nginx settings I've tried so far are:
server_name app.mydomain.com;
location / {
proxy_pass http://192.168.0.16/app;
}
Which gives me 404 not found,
server_name app.mydomain.com;
location / {
proxy_pass http://192.168.0.16/app/;
}
Which also gives 404 not found but the IIS server gives a little more info:
URL requested:
http://app.mydomain.com:80/app/APP/Account/Login?ReturnUrl=%2fapp%2f
So it's redirecting twice or entering a directory it shouldn't.
I appreciate any insight!
I'm a newbie at Nginx, and have been searching a lot for the right answer to my question, but couldn't find it; not because it is not there, but my newbie condition limits me to adapt a generic solution to my issue.
The situation is this:
I have a Mantis Bug Tracker in my private LAN (http://10.111.111.12).
On the other hand, i have an OwnCloud website also on my LAN (IP 10.111.111.5), with URL http://10.111.111.5/owncloud/.
What i want to do is to deploy a Nginx Reverse Proxy that handles all requests from Internet at publicdomain.com, and use trailing slash for each internal webserver. The desired result would be:
http://www.publicdomain.com/bugtracker -> redirects to http://10.111.111.12/index.php
http://www.publicdomain.com/cloud -> redirects to http://10.111.111.5/owncloud/ (note that "cloud" is preferred over "owncloud")
On the future, it is necessary to continue using trailing slash for other web servers to be deployed.
Questions are:
is this scenario possible? if so, is it enough with configuring nginx or I have to reconfigure internal web servers as well?
I really appreciate your help, by indicating me a possible solution or pointing me to the right direction on previous posts.
Thanks a lot in advance.
Yes it is possible to achieve such configuration and it's commonly used when NGINX is acting as a reverse proxy. You can use this configuration as an inspiration for building your own:
upstream bugtracker {
server 10.111.111.12;
}
upstream cloudupstream {
server 10.111.111.5;
}
server {
listen 80;
location /bugtracker/{
proxy_pass http://bugtracker;
}
location /cloud/{
proxy_pass http://cloudupstream/owncloud;
}
}
What's happening over here is that nginx will be listening on port 80 and as soon as a request comes for path /bugtracker, it will automatically route the request to the upstream server mentioned above. Using this you can add as many upstream servers and location blocks as you want.
Reference: http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_pass
Thanks a lot Namam for your quick answer. However, it isn't working yet. It seems that "server" at upstream directive does not allow slash, like this:
server 10.111.111.5/owncloud;
If i used it, i obtained
nginx: [emerg] invalid host in upstream "10.111.111.5/owncloud" in /etc/nginx/nginx.conf:43
I started with the first upstream bugtracker, only, and nginx.conf like this:
upstream bugtracker {
server 10.111.111.12;
}
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name localhost;
root /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
}
location /mstic{
proxy_pass http://bugtracker;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
After that, when accesing to my Nginx Reverse proxy http://10.111.111.10/mstic/ i obtain the following:
Not Found The requested URL /mstic/ was not found on this server.
and no further details on error or access logs.
Thanks a lot in advance for any extra help you could bring me.
I have a nginx instance running. My config is something like the following.
server {
listen 80;
listen 443;
location / {
...
proxy_pass http://127.0.0.1:8080;
...
proxy_redirect http://127.0.0.1:8080 example.com;
}
}
I have some software running in 8080 and I want that the user enters example.com/somepath and be able to be redirected to the root 127.0.0.1:8080 through my domain. The software should receive all urls without /somepath but the browser should still show /somepath in the name.
I am quite new so sorry for the basic question I could not find any relevant info on how to do this exactly: I tried rewrite rules and setting location /mysoftware { tests with no luck.
The client browser uses /somepath/... to access /...in the application. This means that nginx must rewrite the URI before passing it upstream.
The proxy_pass directive has a basic rewrite capability. See this document for details. For example:
location /somepath/ {
proxy_pass http://127.0.0.1:8080/;
...
}
Alternatively, you might use a rewrite ... break statement. See this document for details. For example:
location /somepath {
rewrite ^/somepath/?(.*)$ /$1 break;
proxy_pass http://127.0.0.1:8080;
...
}
The difficult part is preventing your application from breaking out of /somepath. The proxy_redirect directive can handle the 3xx responses from your application. But the location of resource files (.css and .js) and the target for hyperlinks, can cause problems for applications that are not aware that they need to stay inside a subdirectory.
nginx server serves http://server1.com, http://server2.com and http://server3.com.
nginx upstreams request process to some ruby code.
server1.com, server2.com and server3.com are actually some static files stored on amazon s3.
I want to do next: find bucket name for 'server1' host, put in db some logs and notify nginx to stream from amazon.
Maybe via setting in ruby code header with url to amazon s3 bucket and using this url later by nginx.
The flow: browser -> nginx -> ruby -> nginx -> amazon_s3 -> browser
I found how i can do this on error:
http {
server {
listen 12345; #Port that my custom app was assigned
server_name mydomain.com;
location / {
proxy_intercept_errors on;
error_page 400 403 502 503 504 = #fallback;
proxy_pass http://the_old_site_domain.com;
}
location #fallback {
proxy_pass http://myfallback.domain.com;
}
}
}
But is there a way to do something similar based on header appereance?
Thanks!
UPD
This is how i can test my header:
if ($http_x_custom_header) {
....
}
If set nginx should do some internal redirect, right?
But how it can be invoked after ruby code?
There is special headers called X-Accel-....
You need X-Accel-Redirect.
After adding rewrite block, the Ubuntu 12.04 server hosting Rails 3.2.12 app throws out 404 Not Found error when entering mysite.com/nbhy.
Here nbhy is a symlink under root /var/www/ pointing to /var/www/nbhyop/current/public and it is for hosting rails app. The purpose of the rewrite is to rewrite to /nbhy/authentify/sigin when user entering /nbhy or /nbhy/
Here is server block in nginx.conf:
server {
listen 80;
server_name mysite.com;
root /var/www/;
passenger_enabled on;
rails_env production;
passenger_base_uri /nbhy;
}
location / {
rewrite "/nbhy" /nbhy/authentify/signin last;
rewrite "/nbhy/" /nbhy/authentify/signin last;
}
}
The error.log on nginx for the error is:
2013/06/09 21:36:31 [error] 32505#0: *1 open() "/var/www/nbhy/authentify/signin" failed (2: No such file or directory), client: 67.173.143.107, server: mysite.com, request: "GET /nbhy HTTP/1.1", host: "mysite.com"
Before adding rewrite location block, the system could bring up login page with url mysite.com/nbhy/authentify/signin. But now it throws out error after adding the rewrite block. What's wrong with the rewrite?
The location block must be within the server block:
server {
listen 80;
server_name mysite.com;
root /var/www/;
passenger_enabled on;
rails_env production;
passenger_base_uri /nbhy;
location / {
# Matches /nbhy /nbhy/ /nbhy////////////...
location ~ ^/nbhy/*$ {
return 301 /nbhy/authentify/signin;
}
# Other rules (regex) goes here
}
}
The symbolic link is from no concern at this stage of processing.
You are using rewrite, were the first pattern is always a regular expression. Mohammad AbuShady was absolutely right with his answer of using a more specific location. But using a rewrite is not necessary, a return is better because we want nginx to abort execution and simply—well—return.
Also note how I enclosed the regular expression within the generic block location / {} which matches all locations. This is the proper way to write location blocks according to Igor Sysoev. See this forum post for more info.
My configuration above is also catching URLs with more than one slash (hence the *) and is meant as a more user friendly matching because a user might simply type too many slashes. No need to punish them, instead answer with a proper redirect.
I hope this helps!
Related Links
How nginx processes a request
If I understand correctly, you have a URI your-host/nbhy which you want to rewrite to your-host/nbhy/authentify/signin, which should be linked to /var/www/nbhy/authentify/signin, which is symlinked to /var/www/nbhyop/current/public/authentify/signin?
It looks like nginx is complaining about not finding /var/www/nbhy/authentify/signin. Since you have a symlink from /var/www/nbhy to /var/www/nbhyop/current/public, there has to be a folder /var/www/nbhyop/current/public/authentify/signin. Are you sure there is one, and that your www-data user (or whatever user you're using) has rights to the directories above it?
Also, nginx has an option for disabling symlinks. Try setting that to off. That's the default, I know, but there might be another file that sets it to on.
It might also be that nginx doesn't follow the symlink because you added last to your rewrites. Try removing that, and see if it works then.
why not try adding a more specific location block
location ~ /nbhy/?$ {
rewrite ^ /nbhy/authentify/signin last;
}
or you could remove the regex but it would match longer urls like /nbhy/one/two
location /nbhy {
rewrite ^ /nbhy/authentify/signin last;
}