on my docker host. With nginx container, i try to reverse proxy multiple services by using url name to identify the right service (portainer, rancher).
trafic from https://host1/rancher => https/rancher-container
trafic from https://host1/portainer => http://portainer-container:9000
I configure nginx to use url rewrite for transform the url before send it to the good service.
It works for service portainer. But it's don't work for rancher 2 service.
Here is my configuration:
location /rancher/ {
rewrite ^/rancher^/ /$1 break;
proxy_pass https://rancher-container;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_http_version 1.1;
}
location /portainer/ {
rewrite ^/portainer^/ /$1 break;
proxy_pass http://portainer-container:9000/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
When I look from my chromeDevTools, I see:
GET https://host1/rancher/ 200 OK (and return index page like this) :
<!DOCTYPE html>
<html>
...
<link id="vendor" rel="stylesheet" href="/assets/vendor.css">
...
<script src="/assets/vendor-ebb1f9e6b4381d69a55448a2a5d7e4c9.js"></script>
<script src="/assets/ui-72ee502ee50a84d0f416c3164137307d.js"></script>
...
GET https://host1/assets/vendor.css net::ERR_ABORTED 404
GET https://host1/assets/vendor-ebb1f9e6b4381d69a55448a2a5d7e4c9.js net::ERR_ABORTED 404
GET https://host1/assets/ui-72ee502ee50a84d0f416c3164137307d.js
I think my web browser try to get ressources (css, js, img ..etc) define on html page with relative url like '/assets/' to 'https://host1/assets'. Or the good url is 'https://host1/racher/assets'.
Is there some solution for this?
Check the website. Probably in the HTML code your website has no idea that it's running not on extra path but assumes it's on root. Perhaps there's some switch that you can setup a base path for the website to know where it is.
Unfortunately this is a quite common problem. Default proxy headers does not send original path so services hidden behind usually are unaware that request is for something other than /.
If the service behind proxy is yours, you can pass some additional header like x-proxy-urlpath and inform service that it should render links including that path.
If not and you cannot setup base url in the website - the best solution would be to use subdomains and host-based proxy.
Related
I have a small express application running inside a docker container. The endpoint is accessible locally through http://localhost:8888/api/run . The docker container was run using this command:
docker run -dp 8888:8888 code-editor
I configured NGINX to serve the response from docker using the location block:
server {
server_name www.baseURL.tech baseURL.tech;
-------------------CONNECT WITH APP INSIDE DOCKER--------------------
location /compiler {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:8888/;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
-------------------CONNECT WITH MAIN NODE APP--------------------
location / {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:8000/;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
The path being called is https://baseURL/compiler/api/run as an ajax request from the main website https://baseURL but it is returning 404.
You have
location /compiler
which results in Nginx passing on the entire URL, i.e. compiler/api/run to the Express app.
You want it to remove the compiler part and the easiest way to do that is to add a slash at the end of the location, like this
location /compiler/
Then Nginx will only pass on api/run to Express.
I have set up a gitlab container and nginx for proxy_pass but not working.
For example, I type example.com/gitlab, it can proxy_pass to 8086 port.
It can successful to display login page with out photo and the button is not working.
I find that if I add back the port number, it is work normally http://example.com:8086/projects/new
But proxy_pass address is http://example.com/projects/new, it cannot find the file and display 404.
location /gitlab {
proxy_pass http://example.com:8086;
}
how can I handle this case?
http://example.com/projects/new
http://example.com:8086/projects/new
Pass the GITLAB_HOST env in to container
docker run -e GITLAB_HOST=http://example.com/gitlab ....
and pass the request header and proxy port to the proxy server in nginx config
location /gitlab {
proxy_pass http://example.com:8086;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
i have a webapplication running in a docker container behind nginx reverse proxy on the same container network.
the nginx is set up so that foo.bar/app redirect to the container but application seems to try load resources from foo.bar/. i have tried to do what is documented here:https://www.nginx.com/resources/wiki/start/topics/examples/likeapache/
as a result my location block looked like this:
location /app {
root /app;
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://webapp/;
}
where webapp is the name of the webapp's docker container in the network
for the location block this is fine
location /app {
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://webapp/;
}
the trick is to access with a trailing slash so with foo.bar/app/ rather than with foo.bar/app
additionally adding this line will add the trailing slash automagically:
rewrite ^([^.]*[^/])$ $1/ permanent
This answer: https://stackoverflow.com/a/10469032/3958875 indicates that the ~/ in urls will be set to the actual root of the application if the application is in a virtual directory.
However, I can't seem to find how I can set this path/value.
For example, I have the app behind nginx reverse proxy, so that the root of the app is here: www.mywebsite.com/app1/
Therefore I want all ~/ to be expanded to app1/. How can I accomplish this?
I tried app.UsePathBase("/app1"); in the Configure method in Startup.cs, which didn't seem to do anything.
My nginx config is like:
server {
server_name: apps.mywebsite.com
location / {
...
}
location /app1/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://localhost:5000/;
}
#Https stuff ...
}
Am I missing something that I can pass to asp.net from nginx?
~ will expand to the content root. That is the effectively the path base that is configured for an incoming request.
What app.UsePathBase() does is tell the application that when the incoming request starts with the specified prefix, then that will be used as the path base. So in your case, when the incoming request starts with /app1, then /app1 will be the path base, and ~ will be expanded to /app1.
If you look at your reverse proxy configuration, you can see however that the path /app1 is not actually passed to the application:
location /app1/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://localhost:5000/;
}
So when you access the page at /app1/foo, the request path that gets passed to the application will be just /foo. So the /app1 path base isn’t seen by the application and it won’t be able to respond appropriately.
What you need to do instead is actually pass the full path to the application. You then use app.UsePathBase() to configure that path base so that it gets interpreted correctly:
location /app1/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://localhost:5000/app1/;
}
app.UsePathBase("/app1");
Now, incoming requests at /app1/foo will translate to the same path within your application, the /app1 path base will be used and ~ should expand properly to /app1.
Turns out the error is indeed in my nginx configuration.
By following the documentation on asp and nginx here: https://learn.microsoft.com/en-us/aspnet/core/host-and-deploy/linux-nginx?view=aspnetcore-2.2
I changed my nginx config to:
...
location /app1/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://localhost:5000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
...
And ~ expanded properly.
I have a simple application with two separated containers: one to the backend (api-container) and other to the frontend (front-container).
I`d like to configure ngnix to redirect all requests from domain api.myurl.com to backend container and all requests from myurl.com to the frontend container.
To do that I configured the ngnix, as showed below:
server {
listen 80;
server_name myurl.com;
location / {
resolver 127.0.0.11;
proxy_pass http://front-container:80;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
server {
listen 80;
server_name api.myurl.com;
location / {
resolver 127.0.0.11;
proxy_pass http://api-container:3010;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
Everything works almost fine. When I access http://myurl.com everything is ok but when access another route like http://myurl.com/other the ngnix returns 404 error. This route works like a charm without ngnix.
What is wrong in my configuration?
Important: ngninx is running also in a container in the same network to other containers.