I have a local Nginx installation that uses a custom config file to route different services and a web application to a single port.
The Nginx configuration file looks something like:
server {
listen 8080;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
}
location /api/login {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server %host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:8181;
client_max_body_size 10M;
}
location /api/accountopening {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server %host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:8282;
client_max_body_size 10M;
}
...
I am trying to do the same thing with Docker and the Nginx official image in DockerHub, but I haven't been able to. In their documentation they say I should do something like:
docker run --name cor-nginx \
-v ~/dev/nginx/conf/nginx.conf:/etc/nginx/nginx.conf:ro \
-d \
-p 8080:80 nginx
to create a volume and specify a custom config file but no results so far.
Has anyone done anything similar ?
Thanks a lot in advance!
Please exec to your Nginx container and check if a path to configuration files is valid.
I think you pass the wrong path, default it is: /etc/nginx/conf.d.
Also, you should use Dockerfile to build your changed image, it's better and more clarify than passing options as an argument to Docker.
You should also delete existing - default Nginx configurations.
I think it will be so helpful for you:
how to run nginx docker container with custom config?
Related
i try redirect to proxy-server nginx.
location /phpmyadmin {
proxy_http_version 1.1;
proxy_pass https://${PMA}:5000/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
But i get error:
nginx: [emerg] invalid number of arguments in "proxy_set_header" directive in /etc/nginx/nginx.conf:26
full code for inspect error in this listing, because i'm real can't find some error's (${env} = correctry changing in script
user root;
worker_processes auto;
pcre_jit on;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
keepalive_timeout 3000;
sendfile on;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
server {
listen 443 ssl;
listen [::]:443 ssl;
ssl_certificate /etc/ssl/nginx.crt;
ssl_certificate_key /etc/ssl/nginx.key;
root /home;
index default.html /default.html;
location /phpmyadmin {
proxy_http_version 1.1;
proxy_pass https://${PMA}:5000/;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto https;
}
location /wordpress {
return 307 http://${WP}:5050/;
}
location / {
try_files /default.html default.html default.htm;
}
}
server {
listen 80;
listen [::]:80;
return 301 https://$host$request_uri;
}
}
daemon off;
how much simvols need for post)
I used envsubst for environment replacing, and this util tried swap $host and other nginx envs, solved with:
envsubst '\$WP \$PMA' < nginx.template.conf > nginx.ready.conf; rm nginx.template.conf
Expanding on the working answer from #mikhail-prigorodov:
The situation described by the OP arises when using the Nginx Docker container with Docker Compose. In the documentation, it reads:
Out-of-the-box, nginx doesn't support environment variables inside most configuration blocks. But this image has a function, which will extract environment variables before nginx starts.
So, if you are using environment variables in your docker-compose.yml as part of a 12-Factor App design, you have to figure out how to get them into your Nginx config file properly.
The solution in the Nginx Docker documentation is to run envsubst on a template configuration file and send the output to the Nginx config file. The Dockerfile syntax, which is mentioned in this GitHub issue is:
CMD envsubst < /etc/nginx/templates/default.conf.template > /etc/nginx/conf.d/default.conf && exec nginx -g 'daemon off;'
But that solution runs into a problem if you have Nginx-defined variables AND environment variable placeholders in your configuration template. In the directory where I'm building my Nginx container (where my Dockerfile is), I have a templates directory with a file called default.conf.template, as directed in the documentation. The file contains Nginx variables and environment variables. For example:
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
location /static {
alias /usr/share/nginx/html/${STATIC_DIR};
}
The problem (I think) is that envsubst is looking for the "$" character that marks the start of the environment variables. In any case, you'll find that after running envsubst successfully, each line in your new Nginx config file that has a Nginx-defined variable (leading "$") in the template gives an error when you try and start Nginx.
To solve this problem, use the syntax provided by #mikhail-prigorodov. Applied to my example:
CMD envsubst '\$STATIC_DIR' < /etc/nginx/templates/default.conf.template > /etc/nginx/conf.d/default.conf && exec nginx -g 'daemon off;'
This was the solution that worked for me after hours of frustration.
I'm trying to use nginx as a reverse proxy inside a container points to the different PHP application container.
My PHP container gets requests from external port 8080 and forwards it to internal 80. I want my nginx to get listen to port 80 and forward the request to the PHP container on port 8080 but have issues redirecting the request.
My nginx Dockerfile:
FROM nginx:latest
COPY default.conf /etc/nginx/conf.d/default.conf
My nginx default.conf:
server {
listen 80;
error_page 497 http://$host:80$request_uri;
client_max_body_size 32M;
underscores_in_headers on;
location / {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_pass http://php-container:8080;
proxy_read_timeout 90;
proxy_http_version 1.1;
}
}
I've tried deploying it via docker-compose with the above yml file, but got the same error when CURL to the nginx.
When CURL to HTTP://localhost:8080 (PHP application) and also to HTTP://localhost:80 (nginx) there's a log output from the docker-compose log.
But when CURL to nginx, I got the above error:
You have a misconfiguration here.
nginx (host:80 -> container:8080)
php-app (host:8080 -> container:80)
Nginx can't reach of "localhost" of another container because it's a different container network.
I suggest you create a docker network --network and place both containers to the network. Then in Nginx config, you can refer php-app container by name.
proxy_read_timeout 90;
proxy_redirect http://localhost:80/ http://php-container:8080/;
Besides you can expose only the Nginx port and your backend will be safe.
I have 3 containers on my docker. and I want to have gitlab as a subdomain.
my gitlab container ports are:
443/tcp, 0.0.0.0:10022->22/tcp, 0.0.0.0:10080->80/tcp
gitlab container has created with this command:
docker run --detach --name gitlab --restart=always\
--publish 10022:22 --publish 10080:80 \
--network nginx_network \
--volume /srv/gitlab/config:/etc/gitlab \
--volume /srv/gitlab/logs:/var/log/gitlab \
--env 'EXTERNAL_URL=https://develop.domain.com' \
--volume /srv/gitlab/data:/var/opt/gitlab \
gitlab/gitlab-ce:latest
my nginx config is:
upstream isa_fire {
server isa_fire:8000;
}
upstream gitlab {
server gitlab:80;
}
upstream gedata {
server geoserver:8080;
}
server {
listen 80;
server_name domain.com www.domain.com;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
root /usr/share/nginx/html;
index index.html index.htm;
location / {
proxy_pass http://isa_fire;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
location /static/ {
alias /isa_fire/static/;
}
location /files/ {
alias /isa_fire/;
}
}
server {
listen 80;
server_name develop.domain.com www.develop.domain.com;
location / {
proxy_pass http://gitlab;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
}
server {
listen 80;
server_name geoserver.domain.com www.geoserver.domain.com;
location / {
proxy_pass http://gedata;
}
}
client_max_body_size 240M;
every things works good with browser on my gitlab. but when i try to push:
git push -u origin master
face with this error after some minutes:
*ssh: connect to host develop.domain.com port 22: Connection timed out
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists*
There are two ways to solve this ,
Change docker host ssh port from 22 to something else, then create gitlab container with these ports instead, 22:22 ,10080:80, 443
Or you can edit .git/config file of your project , in address add port 10022 at the end of url
Btw you can pull and push using http(s) url of the project and leave ssh 😁
I think you need to expose Port 22 too, if you want to use SSH.
So that means your nginx config must be extended with a second server which listens on port 22 and proxy passes it to your gitlab docker container.
Port 22 must be also forwarded/opened in your router settings!
I hope this helps!
I am running Nexus3 in a docker container on a server that also uses nginx reverse-proxy. The problem is that when try to access to nexus repository from a browser, I am getting a broken page that has many console errors. Here's what I see:
After looking at the network tab, I noticed that my server is not setting the proper content-type for my requests. This is an example of a request to a js file:
Does anyone know what this could be? This is what my nginx.conf looks like:
server {
listen 443 ssl http2;
ssl_certificate /etc/ssl/confidential.com/fullchain.cer;
ssl_certificate_key /etc/ssl/confidential.com/*.confidential.com.key;
server_name confidential.com;
location /test {
proxy_pass http://nexus:8081/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto "https";
}
}
You have:
location /test {
proxy_pass http://nexus:8081/;
The context path of Nexus needs to match the context path served through the reverse proxy. Edit $workdir/etc/nexus.properties and set "nexus-context-path=/test". And change the proxy_pass to be "proxy_pass http://nexus:8081/test".
I'm trying to implement ssl in my application using Docker with nginx image. I have two apps, one for back-end (api) and other for front-end (admin). It's working with http on port 80, but I need to use https. This is my nginx config file...
upstream ulib-api {
server 10.0.2.229:8001;
}
server {
listen 80;
server_name api.ulib.com.br;
location / {
proxy_pass http://ulib-api;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
client_max_body_size 100M;
}
upstream ulib-admin {
server 10.0.2.229:8002;
}
server {
listen 80;
server_name admin.ulib.com.br;
location / {
proxy_pass http://ulib-admin;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
client_max_body_size 100M;
}
I get some tutorials but all is using docker-compose. I need to install it with Dockerfile. Can anyone give me a light?
... I'm using ECS instance on AWS and project is building with CI/CD
This is just one of possible ways:
First issue certificate using certbot. You will end up with a couple of *.pem files.
There are pretty tutorials on installing and running certbot on different systems, I used Ubuntu with command certbot --nginx certonly. You need to run this command on your domain because certbot will check that you are the owner of the domain by a number of challenges.
Second, you create nginx containers. You will need proper nginx.conf and link certificates to this containers. I use docker volumes but that is not the only way.
My nginx.conf looks like following:
http {
server {
listen 443 ssl;
ssl_certificate /cert/<yourdomain.com>/fullchain.pem;
ssl_certificate_key /cert/<yourdomain.com>/privkey.pem;
ssl_trusted_certificate /cert/<yourdomain.com>/chain.pem;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
...
}
}
Last, you run nginx with proper volumes connected:
docker run -d -v $PWD/nginx.conf:/etc/nginx/nginx.conf:ro -v $PWD/cert:/cert:ro -p 443:443 nginx:1.15-alpine
Notice:
I mapped $PWD/cert into container as /cert. This is a folder, where *.pem files are stored. They live under ./cert/example.com/*.pem
Inside nginx.conf you refer these certificates with ssl_... directives
You should expose port 443 to be able to connect