I'm using the upstream module for balancing my site. For some reason i have to redirect some requests to a specified server.
So in short: i want to redirect domain.com to a specified server, domain.com/anything can be served by the upstream module. So if theres only the domain in the request and nothing else.
location [here_something_i_dont_know]/ {
proxy_pass http://0.0.0.0:9000/;
access_log off;
}
Thanks for ur help!
location = / {
proxy_pass http://0.0.0.0:9000/;
access_log off;
}
location / {
proxy_pass http://another_upstream;
access_log off;
}
Related
I'm trying to rewrite a specific request url using nginx, but I've only gotten so far as either a permanent redirect loop or no rewrite at all.
The rewrite rule I'm trying to achieve is the following:
FROM https://localhost/api/economic/grantaccess?id=123&token=foobar
TO https://localhost/customer-api/api/economic/grantaccess?id=123&token=foobar
I'm just looking to add /customer-api/ to this specific request, any other requests should be picked up by the /customer-api/ location. Meaning that after the redirect is made to https://localhost/customer-api/api/economic/grantaccess?id=123&token=foobar the location that should be used to serve that request should be /customer-api/ so that the proxy_pass kicks in and connects to the backend.
Here is my simplified nginx config:
http {
default_type application/octet-stream;
server_tokens off;
upstream customerapi {
zone customerapi 64k;
server 127.0.0.1:6564;
}
server {
listen 80;
server_name localhost;
root /apps;
index index.html;
location ~ /api/economic/grantaccess(.*)$ {ยด
rewrite ^ /customer-api/api/economic/grantaccess$1$is_args$args break;
}
location /customer-api/ {
rewrite ^ $request_uri;
rewrite ^/customer-api/(.*) $1 break;
return 400;
proxy_pass http://customerapi/$uri;
proxy_set_header Host $host;
}
}
}
When using break flag the rewrite does not work at all because nginx tries to open the new path as a file in the filesystem instead of picking up the request via the /customer-api/ location, and if I use permanent flag I get stuck in a permanent redirect loop.
Any help is very much appreciated.
Foreword
In the main body of the question, the problem is described incorrectly. The correct explanation is described in the UPDATE block. Old text saved for history.
My project consists of two parts: backend and frontend. The following locations are responsible for redirecting requests:
location / {
root /opt/site/;
try_files $uri $uri/ /index.html;
}
location /adminpanel {
proxy_pass http://192.168.1.4:4567;
}
location /api {
proxy_pass http://192.168.1.4:4567;
}
The challenge is to redirect users to url /auth if there is no user login in the $remote_user header.
I tried to make the following construction:
in http I added:
map $remote_user $var {
default 0;
"" 1;
}
And in location / added:
if ($var) {
return 301 http://$server_name/auth;
}
When I try to enter the site, I get an error in my browser:
ERR_TOO_MANY_REDIRECTS
How do I fix my configuration file?
Thanks in advance!!!
UPDATE
My task is to configure Kerberos authentication on nginx. The backend is django. The idea is that when a request is made to api, nginx should perform kerberos authentication. But in case the user is not in the domain, then a redirect to the /auth authorization page must occur, so that the user can authenticate under an account that is registered in django CMS.
Authentication of domain users is successful. But there is a problem with non-domain users. When you open a site page that makes an api call, a basic authentication window appears. I use the auth_gss_allow_basic_fallback off directive, but this does not help.
How can I disable this and configure redirection to /auth?
My configuration file (I do not specify settings such as gzip, headers, etc.):
server {
listen 80;
server_name srv-01.example.com;
proxy_set_header remote-user $remote_user;
location / {
root /opt/site/;
try_files $uri $uri/ /index.html;
}
location /adminpanel {
proxy_pass http://192.168.1.4:4567;
}
location /api {
proxy_pass http://192.168.1.4:4567;
auth_gss on;
auth_gss_realm EXAMPLE.COM;
auth_gss_keytab /etc/krb5.keytab;
auth_gss_service_name HTTP/srv-01.example.com;
auth_gss_allow_basic_fallback off;
}}
I am new to nginx. I try to learn using search www and stackoverflow. Mostly I get help to understand how to build my nginx configuration.
I have my domain as www.mysite.com. Everything; landing page, the error and server error must be redirect to default index.html. I also define my access and error log. All this done (below code) inside the /etc/nginx/conf.d/default.conf.
I need to redirect (proxy_pass) /admin, /user and anything related to them. Example the /admin has also different folder like /admin/login/. I need to everything after /admin must be redirected. The same goes also for the /user as well.
1) Looking at my code am I redirect the location /admin and location /user correctly?
2) I also use try_files $uri $uri/ =404; in redirection. which also redirects the 404 to default index.html. Am I doing right?
3) I am also denying access to some file and folder. Am I doing right?
My main question is How to correct my nginx configuration if it is wrong? So to understand the correct nginx configuration I divide my question to 3 different question above. I hope I didnt brake stackoverflow how to ask question guidelines.
Thank you.
UPDATE:
server {
charset UTF-8;
listen 80;
listen [::]:80;
server_name www.mysite.com;
access_log /var/log/nginx/host.access.log main;
error_log /var/log/nginx/host.error.log main;
# define a root location variable and assign a value
set $rootLocation /usr/share/nginx/html;
# define www.mysite.com landing page to the static index.html page
location / {
root rootLocation;
index index.html index.htm;
}
# define error page to the static index.html page
error_page 404 /index.html;
location = /index.html {
root rootLocation;
internal;
}
# redirect server error pages to the static index.html page
error_page 500 502 503 504 /index.html;
location = /index.html {
root rootLocation;
internal;
}
# redirect www.mysite.com/admin to localhost
# /admin or /admin/ or /admin/**** must be redirect to localhost
location /admin {
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $http_host;
proxy_pass "http://127.0.0.1:3000";
}
# redirect www.mysite.com/user to localhost
# /user or /user/ or /user/**** must be redirect to localhost
location /user {
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $http_host;
proxy_pass "http://127.0.0.1:3001";
}
}
It is usual to place the root statement once in the server block, rather than repeat the same value in multiple location blocks.
You are using proxy_pass to change the URI before passing it upstream. In this case, the location value and the URI part of the proxy_pass value should either both end with / or neither end with /. See this document for details.
Usually you do not want to place try_files and proxy_pass in the same location. This causes Nginx to check for the existence of the file in its document root before allowing the request to pass upstream.
You should not need to deny access to the configuration files, as these file should not be within the document root in the first place.
Below is the relevant section of my nginx.conf file.
I only see the js|css... requests forward to my backend server when i remove the initial location block in the conf file. What im trying to accomplish is to turn off nginx access logging for files of those extensions.
Anybody know a working nginx config technique to allow me to turn off the access logs yet still forward these requests to the proxy location?
...
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
access_log off;
}
location / {
if ($ignore_ua) {
access_log off;
return 200;
}
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:7777/;
}
nginx chooses a location block to process a request. In the case of .js files, your location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ block is used. None of the directives within the location / block are involved. See this document for details.
If you need conditional logging, you could use the if= parameter to the access_log directive instead of a separate location block. See this document for an example.
In your case, it might look like this:
map $request_uri $loggable {
default 1;
\.(js|css|png|jpg|jpeg|gif|ico)(\?|$) 0;
}
access_log /path/to/access.log combined if=$loggable;
Note that the map directive goes in the http block.
I wanted to serve couchdb on port 80 using nginx. I basically setup the nginx conf files like this:
upstream couchdb {
server 127.0.0.1:5984;
}
server {
listen 0.0.0.0:80;
server_name example.com;
access_log /path/to/log/couchdb.log;
location / {
add_header 'Access-Control-Allow-Origin' '*';
proxy_pass http://couchdb;
proxy_set_header Host $host;
proxy_redirect off;
}
}
The configuration seems to work except for a particular case.
When I type http://example.com/_utils/ I get to the couchdb instance, but if I type http://example.com/_utils (note missing trailing slash) I get nothing because I am being redirected to http://couchdb/_utils. Note that both http://example.com:5984/_utils/ and http://example.com:5984/_utils work fine.
My WAG is that the issue is with the nginx configuration but I am not sure how that is.
It seems the culprit is proxy_redirect off;. Why did you turn it off?