I have nginx server and it's works fine for http requests. But on https it's not working.
How to solve it? Where is problem?)
upstream coinbot {
server web:5000;
}
server {
listen 80;
location / {
proxy_pass http://coinbot;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_redirect off;
}
}
server {
listen 443 ssl;
server_name coinbot;
ssl_certificate /etc/nginx/ssl/coinbot.crt;
ssl_certificate_key /etc/nginx/ssl/coinbot.key;
location / {
proxy_pass https://coinbot;
}
}
Related
after a deployment tonight my nginx server keeps getting 301 redirecting to the same URI and thus browsers won't load the site. It's a node app within a docker container with 4 containers in total: app, wordpress, redis, nginx. I am pretty sure that I didn't change anything in the nginx config within the docker project, just changed the sub project (src-folder). I even reverted all my changes back to what I had before but the issue stays.
Neither the normal URL nor the Wordpress domain is loading, it will always 301 redirect to the root.
The configuration should 301 redirect all traffic from non-SSL to SSL and render the page.
My config looks like this:
upstream node {
server app:3000;
}
server {
listen 80;
server_name example.com www.example.com;
return 301 https://example.com;
}
server {
listen 80;
server_name wordpress.example.com;
return 301 https://example.com;
}
server {
listen 443;
server_name www.example.com;
ssl_certificate /etc/nginx/ssl/example.com.cert;
ssl_certificate_key /etc/nginx/ssl/example.com.key;
return 301 https://example.com;
}
server {
listen 443 default ssl;
server_name example.com;
root /var/www/html/project;
ssl_certificate /etc/nginx/ssl/example.com.cert;
ssl_certificate_key /etc/nginx/ssl/example.com.key;
set $isopen 0;
location / {
proxy_pass http://node;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Accept-Encoding "";
proxy_set_header Proxy "";
expires off;
}
location /lp/ {
proxy_ssl_server_name on;
proxy_pass https://sub.example.com/folder/;
}
}
server {
listen 443 ssl;
server_name wordpress.example.com;
ssl_certificate /etc/nginx/ssl/wordpress.example.com.cert;
ssl_certificate_key /etc/nginx/ssl/wordpress.example.com.key;
error_page 397 https://$host:$server_port$request_uri;
set $isopen 0;
if ($request_uri ~ '^/wp-json/wp/v2/.*') {
set $isopen 1;
}
if ($request_uri ~ '^/wp-includes/.*') {
set $isopen 1;
}
if ($request_uri ~ '^/wp-content/.*') {
set $isopen 1;
}
if ($request_uri ~ '^/wp-admin/.*') {
set $isopen 1;
}
if ($request_uri ~ '^/wp-login.php') {
set $isopen 1;
}
if ($request_uri ~ '^/wp-admin/.*\.(php|css|js)') {
set $isopen 1;
}
if ($isopen !~ 1) {
return 301 https://$server_name/wp-admin/;
}
location / {
proxy_pass https://wordpress;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Accept-Encoding "";
proxy_set_header Proxy "";
expires off;
}
}
My docker containers listen to the following ports:
Containers statuses
Name Command State Ports
------------------------------------------------------------------------------------------------------------------------
project_app_1 bash -c npm install && npm ... Up
project_redis_1 docker-entrypoint.sh redis ... Up 6379/tcp
project_web-srv_1 nginx -g daemon off; Up 0.0.0.0:44301->443/tcp, 0.0.0.0:8080->80/tcp
project_wordpress_1 docker-entrypoint.sh apach ... Up 443/tcp, 80/tcp
Network status
Network name Network subnet Network gateway
project_network 172.100.112.0/24 172.100.112.1
Container name Container IPv4 address
project_wordpress_1 172.100.112.50/24
project_web-srv_1 172.100.112.30/24
project_app_1 172.100.112.40/24
project_redis_1 172.100.112.20/24
Hope somebody can help me. Thanks in advance.
I'm trying to follow this: https://forum.mattermost.org/t/recipe-embedding-mattermost-in-web-applications-using-an-iframe-unsupported-recipe/10233
I'm running a dockerized version of mattermost. I am running a dockerized container of nginx. I configured my nginx according to: https://docs.mattermost.com/install/install-ubuntu-1804.html#configuring-nginx-as-a-proxy-for-mattermost-server
I have the mattermost-preview container running on localhost:8065.
I followed the steps and restart the nginx instance and visit localhost:80 but still see the default nginx welcome page.
Here's my default.conf:
upstream backend {
server localhost:8065;
keepalive 32;
}
proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=mattermost_cache:10m max_size=3g inactive=120m use_temp_path=off;
server {
listen 80 default_server;
server_name localhost;
return 301 https://$server_name$request_uri;
}
server {
listen 443 http2;
server_name localhost_two;
http2_push_preload on; # Enable HTTP/2 Server Push
ssl off;
location ~ /api/v[0-9]+/(users/)?websocket$ {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
client_max_body_size 50M;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_hide_header Content-Security-Policy;
proxy_hide_header X-Frame-Options;
proxy_buffers 256 16k;
proxy_buffer_size 16k;
client_body_timeout 60;
send_timeout 300;
lingering_timeout 5;
proxy_connect_timeout 90;
proxy_send_timeout 300;
proxy_read_timeout 90s;
proxy_http_version 1.1;
proxy_pass http://backend;
}
location / {
client_max_body_size 50M;
proxy_set_header Connection "";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_hide_header Content-Security-Policy;
proxy_hide_header X-Frame-Options;
proxy_buffers 256 16k;
proxy_buffer_size 16k;
proxy_read_timeout 600s;
proxy_cache mattermost_cache;
proxy_cache_revalidate on;
proxy_cache_min_uses 2;
proxy_cache_use_stale timeout;
proxy_cache_lock on;
proxy_http_version 1.1;
proxy_pass http://backend;
}
}
# This block is useful for debugging TLS v1.3. Please feel free to remove this
# and use the `$ssl_early_data` variable exposed by NGINX directly should you
# wish to do so.
map $ssl_early_data $tls1_3_early_data {
"~." $ssl_early_data;
default "";
}
My nginx.conf is the default one
app.somename.local is not working, but localhost is proxies to app:3000. I want to access to app via typing server_name into browser
worker_processes 1;
events {
worker_connections 1024;
}
http {
upstream app {
server app:3000;
}
server {
server_name app.somename.local;
location / {
proxy_pass http://app/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header HOST $http_host;
}
}
}
app.somename.local
Your shooting at wrong target. You need to get that server name resolved.
Do this.
127.0.0.1 app.somename.local >> /etc/hosts
And it should work.
I need to redirect or proxy_pass the following:
Every request starting with /api/v1/ to: #server
everything else / to #client
I have #server running on port 8080 and #client on port 8081
#client and #server are running as docker containers.
Note. Everything should be using https.
The following config is what I have but its not working idkw
server {
server_name example.com;
listen 80;
listen [::]:80 ipv6only=on;
return 301 https://example.com$request_uri;
}
server {
server_name example.com;
listen 443 ssl;
ssl_certificate /etc/nginx/ssl/example.com.crt;
ssl_certificate_key /etc/nginx/ssl/example.com.key;
...
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
location /api/v1/ {
try_files $uri #server;
}
location / {
try_files $uri #client;
}
location #client {
proxy_pass http://client:8081;
}
location #server {
proxy_pass http://server:8080/api/v1/;
}
}
If you must use named locations then you can use error_page approach below.
By returning unused HTTP status codes and error_page for those codes set to named locations, we can forward requests to those named locations:
server {
server_name example.com;
listen 80;
listen [::]:80 ipv6only=on;
return 301 https://example.com$request_uri;
}
server {
server_name example.com;
listen 443 ssl;
ssl_certificate /etc/nginx/ssl/example.com.crt;
ssl_certificate_key /etc/nginx/ssl/example.com.key;
...
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
error_page 350 = #client;
error_page 351 = #server;
location /api/v1/ {
return 351;
}
location / {
return 350;
}
location #client {
proxy_pass http://client:8081;
}
location #server {
proxy_pass http://server:8080/api/v1/;
}
}
I am using following nginx configurations:
user www-data;
worker_processes 1;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
# multi_accept on;
}
http {
include /etc/nginx/mime.types;
access_log /var/log/nginx/access.log;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
tcp_nodelay on;
gzip on;
gzip_disable "MSIE [1-6]\.(?!.*SV1)";
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
upstream myapp.co {
server 127.0.0.1:8080;
}
server{
listen 80;
server_name myapp.co;
rewrite ^ https://myapp.co$request_uri? permanent;
}
server {
listen 443 ssl;
server_name myapp.co;
root /home/deployer/myapp/public;
ssl on;
ssl_certificate /etc/nginx/certs/myapp.co.crt;
ssl_certificate_key /etc/nginx/certs/myapp.co.private.key;
#server_name myapp.co _;
#root /home/deployer/myapp/public;
location / {
proxy_set_header X_FORWARDED_PROTO $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header CLIENT_IP $remote_addr;
proxy_redirect http:// https://;
if (!-f $request_filename) {
proxy_pass http://myapp.co;
break;
}
if (-f $document_root/system/maintenance.html) {
return 503;
}
}
}
}
The issue: when I load http://www.myapp.co, I get the error message
Welcome to nginx
But if I set to the browser
https://www.myapp.co
https://myapp.co
http://myapp.co
Everything is working well.
How can I fix up the proper displaying of the Rails app also for the request http://www.myapp.co?
I am quite amateur with setting up of nginx, so I'll be grateful for every advice.
Thank you
I think, you should set your server_name (in both server sections) like this:
server_name myapp.co www.myapp.co;