Hello this is my first time deploying rails app to a ubuntu server so after I configured nginx and got the "welcome to nginx page" at a certain IP ... and when I start rails application I must enter the port in the IP address for example 165.217.84.11:3000 in order to access rails so how to make rails run default when I run only this IP 165.217.84.11
You can set the redirection from the 80 port (wich is the default) to the 3000 like this:
worker_processes 1;
events { worker_connections 1024; }
http {
client_max_body_size 10m;
sendfile on;
upstream rails {
server 165.217.84.11:3000;
}
server {
listen 80;
location / {
proxy_pass http://rails-app;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Ssl off;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Host $server_name;
}
}
}
So, when you access 165.217.84.11 in the browser you should see your rails project.
In general you have to setup your nginx to use puma socket file and then it will access the website using socket file instead of using TCP port (:3000 by the default).
Here is a nice tutorial: link
And here is a short explanation why you should use sockets.
Related
I have setup in docker-compose mysql, keycloack and nginx.
Changed in standalone and standalone-ha
<web-context>keycloak/auth</web-context>
so I can use keycloak under /keycloak.
If I expose 8080 keycloack port I can use it under http://localhost:8080/keycloak/auth/.
Login, changing settings etc all works fine.
So I can assume that this keycloak configuration is fine.
But I want to hide it under nginx proxy.
here is my nginx.conf:
user nginx;
worker_processes 1;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type text/html;
server {
listen 8080;
location /keycloak {
proxy_pass http://keycloak:8080/keycloak/auth/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
}
if i go to http://localhost/keycloak or http://localhost/keycloak/auth
I see an 404 Nginx error.
I can not find this problem..
any idea how to solve this ?
thanks!
EDIT:
when i set proxy_pass http://keycloak:8080;
then url: http://localhost/keycloak/auth/ works fine,
but I wonder why if I go to http://localhost/keycloak/ I am redirected to the http://localhost/auth
any ideas ?
I have a simple application with two separated containers: one to the backend (api-container) and other to the frontend (front-container).
I`d like to configure ngnix to redirect all requests from domain api.myurl.com to backend container and all requests from myurl.com to the frontend container.
To do that I configured the ngnix, as showed below:
server {
listen 80;
server_name myurl.com;
location / {
resolver 127.0.0.11;
proxy_pass http://front-container:80;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
server {
listen 80;
server_name api.myurl.com;
location / {
resolver 127.0.0.11;
proxy_pass http://api-container:3010;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
Everything works almost fine. When I access http://myurl.com everything is ok but when access another route like http://myurl.com/other the ngnix returns 404 error. This route works like a charm without ngnix.
What is wrong in my configuration?
Important: ngninx is running also in a container in the same network to other containers.
I'm using a Nginx-proxy in a docker-container. And I have to run multiple applications on a server. I want to run them all in a docker container except one. I run Jira an Confluence in container. It took me a lot of time to configure the applications and the Nginx-config. Now I want to run Graylog2 on the Server aswell and I'm facing kind of the same problems like in Jira/Confluence. I guess it's maybe because I don't really understand how all this works. Thats why I made the following image:
Thats how I understand the reverse proxy. The nginx-conf looks like this:
upstream jenkins {
server 43.3.34.333:8080 fail_timeout=0;
}
upstream docker-jira {
server jira:8080;
}
upstream docker-conf {
server conf:8090;
}
upstream docker-graylog {
server graylog:9000;
}
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name mySite.de;
return 301 https://mySite.de;
}
server {
# SSL configuration
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
server_name mySite.de;
include snippets/ssl-mySite.de;
include snippets/ssl-params.conf;
location /jenkins {
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://jenkins;
proxy_redirect http://jenkins $scheme://mySite.de;
# Required for new HTTP-based CLI
proxy_http_version 1.1;
proxy_request_buffering off;
proxy_buffering off; # Required for HTTP-based CLI to work over SSL
# workaround for https://issues.jenkins-ci.org/browse/JENKINS-45651
add_header 'X-SSH-Endpoint' 'jenkins.domain.tld:50022' always;
client_max_body_size 2M;
}
location /graylog {
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Graylog-Server-URL http://$server_name/api;
proxy_pass http://docker-graylog/graylog;
}
location /jira {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://docker-jira/jira;
client_max_body_size 100M;
add_header X-Frame-Options ALLOW;
}
location /confluence {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://docker-conf/confluence;
proxy_redirect http://docker-conf/confluence https://mySite.de;
client_max_body_size 100M;
add_header X-Frame-Options SAMEORIGIN;
}
location /synchrony {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://mySite.de:8091/synchrony;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
client_max_body_size 100M;
}
}
To run Graylog2 behind a proxy you have to set some settings(Graylog2 docu):
set web_listen_uri
set rest_listen_uri
set web_endpoint_uri
I did it like this:
rest_listen_uri = http://localhost:9000/api/
web_listen_uri = http://localhost:9000/graylog
GRAYLOG_WEB_ENDPOINT_URI: https://mySite.de/api
When I got to https://mySite.de/graylog I get a 502 Bad Gateway Error. Nginx-log:
connect() failed (111: Connection refused) while connecting to upstream, client: 33.11.102.157, server: mySite.de, request: "GET /graylog HTTP/2.0", upstream: "http://172.18.0.9:9000/graylog", host: "mySite.de"
My Network:
NETWORK ID NAME DRIVER SCOPE
6c9de2d6b0ac MyNet bridge local
I don't really get it.
Leave your 80–>443 redirect you have with NGINX doing the SSL termination, then sending to backend over http.
Change these to listen on the LAN IP or docker DNS name:
web_listen_uri = http://docker-graylog:9000/graylog
rest_listen_uri = http://docker-graylog:9000/api
Note: The problem with your current config is it is only listening on localhost, and a request coming in externally will never make it to the app, because it’s not listening for external connections. It’s only listening for connections within the graylog container. NGINX can’t reach graylog on localhost:9000 across the LAN.
The bad gateway indicates that your proxy is probably working, but no connections to app can be made.
More details on that:
https://forums.docker.com/t/access-to-localhost-from-bridge-network/22948/2
This config is basically what you already have, but copied it from graylog documentation. Your current proxy config might work as is.
upstream docker-graylog {
server graylog:9000;
}
server
{
listen 443 ssl spdy;
server_name mySite.de;
# <- your SSL Settings here!
location /graylog
{
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Graylog-Server-URL https://$server_name/api;
proxy_pass http://docker-graylog/graylog;
}
}
I am trying to configure Nginx as a proxy to http://example.com/test/app
My config is similar to this :
server {
listen 80;
location / {
proxy_pass http://example.com/test/app;
}
}
I am getting 301 response. I don't think this is something related to the web app the proxy is referring to, because its url is accessible via the browser.
I am quite new to Nginx. Please help. :)
please try the following bare minimum configuration:
server {
listen 80;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Fix the "It appears that your reverse proxy set up is broken" error.
proxy_pass http://example.com/test/app;
proxy_read_timeout 90;
}
}
Please note that security aspects are missing in this example.
I am a newbie in Ubuntu and generally server side and I have created a Rails app and have deployed it on Ubuntu Ec2.
I am using Nginx and Thin server on it.The app is running perfectly on it.
Now I want to deploy another app on the same server.
I have already put the app on the server and when i try to start the rails app it does not start.
I guess it is because of nginx.conf file.
Can someone please let me know how to run two apps on the same server
When you try to browse to a machine on Amazon's EC2, and you don't get any response, the best suspect is the AWS Security Group. Make sure that the port the application runs on is open in your machine's security group:
(source: amazon.com)
For nginx to run both you apps, you need to configure them both on its nginx.conf
upstream app1 {
server 127.0.0.1:3000;
}
upstream app2 {
server 127.0.0.1:3020;
}
server {
listen 80;
server_name .example.com;
access_log /var/www/myapp.example.com/log/access.log;
error_log /var/www/myapp.example.com/log/error.log;
root /var/www/myapp.example.com;
index index.html;
location /app1 {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://app1;
}
location /app2 {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://app2;
}
}
This configuration will listen for app1 on local port 3000, and app2 on local port 3020, and redirect data starting with http://my.example.com/app1 to the first app, and data starting with http://my.example.com/app2 to the second app.