I have setup in docker-compose mysql, keycloack and nginx.
Changed in standalone and standalone-ha
<web-context>keycloak/auth</web-context>
so I can use keycloak under /keycloak.
If I expose 8080 keycloack port I can use it under http://localhost:8080/keycloak/auth/.
Login, changing settings etc all works fine.
So I can assume that this keycloak configuration is fine.
But I want to hide it under nginx proxy.
here is my nginx.conf:
user nginx;
worker_processes 1;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type text/html;
server {
listen 8080;
location /keycloak {
proxy_pass http://keycloak:8080/keycloak/auth/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
}
if i go to http://localhost/keycloak or http://localhost/keycloak/auth
I see an 404 Nginx error.
I can not find this problem..
any idea how to solve this ?
thanks!
EDIT:
when i set proxy_pass http://keycloak:8080;
then url: http://localhost/keycloak/auth/ works fine,
but I wonder why if I go to http://localhost/keycloak/ I am redirected to the http://localhost/auth
any ideas ?
Related
My admin and I are frustrated because we can't figure out how to set up the docker-registry part of nexus correctly.
We've setup the "docker-hosted"-Repository in Nexus.
Below you can find the nginx config:
server {
listen *:443;
server_name server.local;
# allow large uploads of files
client_max_body_size 50G;
# optimize downloading files larger than 1G
#proxy_max_temp_file_size 2G;
ssl on;
ssl_certificate snakeoil.crt
ssl_certificate_key snakeoil.key
location / {
# Use IPv4 upstream address instead of DNS name to avoid attempts by nginx to use IPv6 DNS lookup
proxy_pass http://127.0.0.1:8081/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto "https";
}
location /v1/ {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto "https";
proxy_pass http://172.17.0.1:5000;
}
}
When hitting login we only get:
Error response from daemon: login attempt to https://someToplevelURL.com/v2/ failed with status: 502 Bad Gateway
Another thing is, why is it forcing us to /v2 even if we toggle the "Use v1" button in nexus?
I have a simple application with two separated containers: one to the backend (api-container) and other to the frontend (front-container).
I`d like to configure ngnix to redirect all requests from domain api.myurl.com to backend container and all requests from myurl.com to the frontend container.
To do that I configured the ngnix, as showed below:
server {
listen 80;
server_name myurl.com;
location / {
resolver 127.0.0.11;
proxy_pass http://front-container:80;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
server {
listen 80;
server_name api.myurl.com;
location / {
resolver 127.0.0.11;
proxy_pass http://api-container:3010;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
Everything works almost fine. When I access http://myurl.com everything is ok but when access another route like http://myurl.com/other the ngnix returns 404 error. This route works like a charm without ngnix.
What is wrong in my configuration?
Important: ngninx is running also in a container in the same network to other containers.
Hello this is my first time deploying rails app to a ubuntu server so after I configured nginx and got the "welcome to nginx page" at a certain IP ... and when I start rails application I must enter the port in the IP address for example 165.217.84.11:3000 in order to access rails so how to make rails run default when I run only this IP 165.217.84.11
You can set the redirection from the 80 port (wich is the default) to the 3000 like this:
worker_processes 1;
events { worker_connections 1024; }
http {
client_max_body_size 10m;
sendfile on;
upstream rails {
server 165.217.84.11:3000;
}
server {
listen 80;
location / {
proxy_pass http://rails-app;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Ssl off;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Host $server_name;
}
}
}
So, when you access 165.217.84.11 in the browser you should see your rails project.
In general you have to setup your nginx to use puma socket file and then it will access the website using socket file instead of using TCP port (:3000 by the default).
Here is a nice tutorial: link
And here is a short explanation why you should use sockets.
I want to configure NGINX to work as a reverse proxy to other Microservices.
I am able to forward the request from NGINX to one of the microservice
if I do curl http://xx.xx.xx.xx:8080/ call did landed on consumer-portal But
its using default location configuration /
when I comment the 1st block and configure the same code for location /consumer-portal and do curl http://xx.xx.xx.xx:8080/consumer-portal
I get :
Cannot GET /consumer-portal
I have more than 10 microservice which I want to call using NGINX.
Below is my nginx.conf file
worker_processes 4;
events {
worker_connections 1024;
}
http {
sendfile on;
upstream consumer-portal {
server xx.xx.xx.xx:9006;
}
upstream publisher-portal {
server xx.xx.xx.xx:9001;
}
server {
listen 8080;
#1st Block
#location / {
# proxy_pass http://consumer-portal;
# proxy_redirect off;
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Host $server_name;
#}
#2nd Block
location /consumer-portal {
proxy_pass http://consumer-portal;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
#3rd Block
location /publisher-portal/ {
proxy_pass http://publisher-portal;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
}
}
Also, Please let me know If I can forward the request using docker container name.
e.g instead of server xx.xx.xx.xx:9006 i want to use server consumer-portal:9006
Please suggest what changes I need to do into .conf file.
location /consumer-portal {
proxy_pass http://consumer-portal;
If your proxy_pass URL is just a domain/IP/hostname and has no URI set then Nginx will pass the full client request URL to the proxy for requests matching the location block. So here your request to
http://xx.xx.xx.xx:8080/consumer-portal will be proxied by Nginx to
http://consumer-portal/consumer-portal
If your proxy_pass URL is a domain/IP/hostname which also has a URI appended then Nginx will replace the matching part of your location block from the original client request with the URI in your directive and then proxy the resulting URL to the upstream server. So if you had proxy_pass http://consumer-portal/new/location; then a request to
http://xx.xx.xx.xx:8080/consumer-portal/account would be proxied by Nginx to
http://consumer-portal/new/location/account
As you want to remove /consumer-portal from the request to the upstream proxy the solution is as simple as adding a trailing slash to your proxy_pass directive, like this:
proxy_pass http://consumer-portal/;
How to configure nginx with Trinidad? I did a lot of Googling, but no luck. Is there any resource for a sample configuration?
just google for proxy-ing with nginx - it's likely the same is with other Ruby servers e.g.
server {
listen sample.com:80;
server_name sample.com;
root /home/trinidad/rails_app/current/;
location / {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:3000/;
}
}
in Trinidad's configuration you might want to bind to 127.0.0.1 (just add address: 127.0.0.1)