I have a small express application running inside a docker container. The endpoint is accessible locally through http://localhost:8888/api/run . The docker container was run using this command:
docker run -dp 8888:8888 code-editor
I configured NGINX to serve the response from docker using the location block:
server {
server_name www.baseURL.tech baseURL.tech;
-------------------CONNECT WITH APP INSIDE DOCKER--------------------
location /compiler {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:8888/;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
-------------------CONNECT WITH MAIN NODE APP--------------------
location / {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:8000/;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
The path being called is https://baseURL/compiler/api/run as an ajax request from the main website https://baseURL but it is returning 404.
You have
location /compiler
which results in Nginx passing on the entire URL, i.e. compiler/api/run to the Express app.
You want it to remove the compiler part and the easiest way to do that is to add a slash at the end of the location, like this
location /compiler/
Then Nginx will only pass on api/run to Express.
Related
I have an application with two github repos one for react and one for rails app. Requirement is all the routes should go to Rails server except routes starting with /catalog should go to to React app. Rails app server will communicate with React Server internally. SSL is configured on Nginx level.
I have created 3 different apps in heroku :
Rails server app
React server app
Web Server(Nginx)
My nginx server config looks like :
upstream rails {
server $HEROKU_APP_rails_URL;
}
upstream react {
server $HEROKU_APP_react_URL;
}
server {
listen $PORT;
server_name *.xyz.com;
# large_client_header_buffers 4 32k;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://rails;
}
location /catalog {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://react;
}
}
with above config I am getting HTTP 400 error on Nginx and it is not able to redirect the request. Please let me know what am i doing wrong.
Finally managed to solve this issue.. My nginx config looks like
upstream upstream_app_a {
server app_a.herokuapp.com:443;
}
upstream upstream_app_b {
server app_b.herokuapp.com:443;
}
server {
listen $PORT;
location / {
set $upstream upstream_app_a;
proxy_pass https://$upstream;
proxy_ssl_name app_a.herokuapp.com;
proxy_set_header x-forwarded-host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host app_a.herokuapp.com;
}
location /static {
set $upstream upstream_app_b;
proxy_pass https://$upstream/static;
proxy_set_header Host app_b.herokuapp.com;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /product_catalog {
set $upstream upstream_app_b;
proxy_pass https://$upstream;
proxy_ssl_name app_b.herokuapp.com;
proxy_set_header x-forwarded-host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host app_b.herokuapp.com;
}
}
Please make sure you set correct value for header
proxy_set_header Host app_a.herokuapp.com
We managed to solve this issue by referring to article
I have set up a gitlab container and nginx for proxy_pass but not working.
For example, I type example.com/gitlab, it can proxy_pass to 8086 port.
It can successful to display login page with out photo and the button is not working.
I find that if I add back the port number, it is work normally http://example.com:8086/projects/new
But proxy_pass address is http://example.com/projects/new, it cannot find the file and display 404.
location /gitlab {
proxy_pass http://example.com:8086;
}
how can I handle this case?
http://example.com/projects/new
http://example.com:8086/projects/new
Pass the GITLAB_HOST env in to container
docker run -e GITLAB_HOST=http://example.com/gitlab ....
and pass the request header and proxy port to the proxy server in nginx config
location /gitlab {
proxy_pass http://example.com:8086;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
i have a webapplication running in a docker container behind nginx reverse proxy on the same container network.
the nginx is set up so that foo.bar/app redirect to the container but application seems to try load resources from foo.bar/. i have tried to do what is documented here:https://www.nginx.com/resources/wiki/start/topics/examples/likeapache/
as a result my location block looked like this:
location /app {
root /app;
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://webapp/;
}
where webapp is the name of the webapp's docker container in the network
for the location block this is fine
location /app {
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://webapp/;
}
the trick is to access with a trailing slash so with foo.bar/app/ rather than with foo.bar/app
additionally adding this line will add the trailing slash automagically:
rewrite ^([^.]*[^/])$ $1/ permanent
I have a docker network running with this configuration (from docker-compose.yaml):
networks:
network:
driver: bridge
ipam:
driver: default
config:
- subnet: 172.28.1.0/24
(My network is named network)
I have an Angular frontend running in a container on this network (172.28.1.4). The frontend web server is an nginx server.
From the web server I would like calls to various backends (authentication and database) to go directly to these servers without exposing them to the outside world.
I.e to authenticate a user, something like this: httpClient.post('172.28.1.5:8080/_user/login', credentials)
I believe this should be done in the nginx configuration, but I am pretty clueless on how to allow access to 172.28.1.5 from nginx without exposing 172.28.1.5
The servers are visible to each other seen from a Docker perspective
I have tried using a reverse proxy and that works, but I cannot block access to the location from external ips
location ~/_user(/.*)*/?$ {
proxy_pass http://auth_server:8080; //auth_server points to 172.28.1.5
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
The proxy setup. I have changed the names of the servers to clarify their role in the network.
The frontend can call the database_server like this:
http://external.ip.address:443/_api/any_path
Unfortunately, so can anyone else :)
server {
listen 443;
server_name localhost;
location ~/_user(/.*)*/?$ {
proxy_pass http://authentication_server:8080;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
location ~/_api(/.*)*/?$ {
proxy_pass http://database_server:80;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
location ~/ {
proxy_pass http://ui_frontend_server:8080;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
}
My docker setup makes this possible as it maps the name "authentication_server" with 172.28.1.3
authentication_server_service:
container_name: authentication_server
build: ../authentication_server/
image: authentication_server_image:latest
networks:
network:
ipv4_address: 172.28.1.3
I have a simple application with two separated containers: one to the backend (api-container) and other to the frontend (front-container).
I`d like to configure ngnix to redirect all requests from domain api.myurl.com to backend container and all requests from myurl.com to the frontend container.
To do that I configured the ngnix, as showed below:
server {
listen 80;
server_name myurl.com;
location / {
resolver 127.0.0.11;
proxy_pass http://front-container:80;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
server {
listen 80;
server_name api.myurl.com;
location / {
resolver 127.0.0.11;
proxy_pass http://api-container:3010;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
Everything works almost fine. When I access http://myurl.com everything is ok but when access another route like http://myurl.com/other the ngnix returns 404 error. This route works like a charm without ngnix.
What is wrong in my configuration?
Important: ngninx is running also in a container in the same network to other containers.