I am facing a similar issue as #415 and #367. I just completed installation on Ubuntu 16.04, DigitalOcean. I also followed the guide on the docs about deploying a production Taiga.
When I try to connect from an external system, I get the oompa loompas error message with the Js console showing:
http://138.28.207.46:8000/api/v1/ Failed to load resource: could not connect to server.
If I remove :8000 from ~/taiga-front-dist/dist/conf.json I get a different error:
http://138.28.207.46/api/v1/ Failed to load resource: 502 bad gateway
In issue #415 and #367 they managed to fix it, but none of them described which ports from which files need to be changed.
/etc/nginx/sites-available/taiga
server {
listen 80 default_server;
server_name _;
large_client_header_buffers 4 32k;
client_max_body_size 50M;
charset utf-8;
access_log /home/taiga/logs/nginx.access.log;
error_log /home/taiga/logs/nginx.error.log;
# Frontend
location / {
root /home/taiga/taiga-front-dist/dist/;
try_files $uri $uri/ /index.html;
}
# Backend
location /api {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:8000/api/v1/;
proxy_redirect off;
}
# Django admin access (/admin/)
location /admin {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:8000$request_uri;
proxy_redirect off;
}
# Static files
location /static {
alias /home/taiga/taiga-back/static;
}
# Media files
location /media {
alias /home/taiga/taiga-back/media;
}
}
/etc/circus/conf.d/taiga.ini
[watcher:taiga]
working_dir = /home/taiga/taiga-back
cmd = gunicorn
args = -w 3 -t 60 --pythonpath=. -b 127.0.0.1:8000 taiga.wsgi
uid = taiga
numprocesses = 1
autostart = true
send_hup = true
stdout_stream.class = FileStream
stdout_stream.filename = /home/taiga/logs/gunicorn.stdout.log
stdout_stream.max_bytes = 10485760
stdout_stream.backup_count = 4
stderr_stream.class = FileStream
stderr_stream.filename = /home/taiga/logs/gunicorn.stderr.log
stderr_stream.max_bytes = 10485760
stderr_stream.backup_count = 4
[env:taiga]
PATH = /home/taiga/.virtualenvs/taiga/bin:$PATH
TERM=rxvt-256color
SHELL=/bin/bash
USER=taiga
LANG=en_US.UTF-8
HOME=/home/taiga
PYTHONPATH=/home/taiga/.virtualenvs/taiga/lib/python3.5/site-packages
~/taiga-front-dist/dist/conf.json
{
"api": "http://138.28.207.46:8000/api/v1/",
"eventsUrl": null,
"debug": "true",
"publicRegisterEnabled": true,
"feedbackEnabled": true,
"privacyPolicyUrl": null,
"termsOfServiceUrl": null,
"maxUploadFileSize": null,
"contribPlugins": []
}
~/taiga-back/settings/local.py
from .common import *
MEDIA_URL = "http://138.28.207.46/media/"
STATIC_URL = "http://138.28.207.46/static/"
ADMIN_MEDIA_PREFIX = "http://138.28.207.46/static/admin/"
SITES["front"]["scheme"] = "http"
SITES["front"]["domain"] = "138.28.207.46"
SECRET_KEY = "theveryultratopsecretkey"
DEBUG = False
TEMPLATE_DEBUG = False
PUBLIC_REGISTER_ENABLED = True
#DEFAULT_FROM_EMAIL = "no-reply#example.com"
#SERVER_EMAIL = DEFAULT_FROM_EMAIL
# Uncomment and populate with proper connection parameters
# for enable email sending. EMAIL_HOST_USER should end by #domain.tld
#EMAIL_BACKEND = "django.core.mail.backends.smtp.EmailBackend"
#EMAIL_USE_TLS = False
#EMAIL_HOST = "localhost"
#EMAIL_HOST_USER = ""
#EMAIL_HOST_PASSWORD = ""
#EMAIL_PORT = 25
# Uncomment and populate with proper connection parameters
# for enable github login/singin.
#GITHUB_API_CLIENT_ID = "yourgithubclientid"
#GITHUB_API_CLIENT_SECRET = "yourgithubclientsecret"
I use Digital Ocean as well to host. My port uses 8001 not 8000. Not sure if that helps or not. I am going over SSL and using a few plugins (Slack and GIT), so the code may be a little different on my install. I posted my code for my working installation so you can compare vs. yours. Hopefully this helps.
/etc/nginx/sites-available/taiga
# Frontend
location / {
root /home/taiga/taiga-front-dist/dist/;
try_files $uri $uri/ /index.html;
}
# Backend
location /api {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:8001/api;
proxy_redirect off;
}
# Django admin access (/admin/)
location /admin {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:8001$request_uri;
proxy_redirect off;
}
# Static files
location /static {
alias /home/taiga/taiga-back/static;
}
# Media files
location /media {
alias /home/taiga/taiga-back/media;
}
# Events
location /events {
proxy_pass http://127.0.0.1:8888/events;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_connect_timeout 7d;
proxy_send_timeout 7d;
proxy_read_timeout 7d;
}
}
/etc/circus/conf.d/taiga.ini
[watcher:taiga]
working_dir = /home/taiga/taiga-back
cmd = gunicorn
args = -w 3 -t 60 --pythonpath=. -b 127.0.0.1:8001 taiga.wsgi
uid = taiga
numprocesses = 1
autostart = true
send_hup = true
stdout_stream.class = FileStream
stdout_stream.filename = /home/taiga/logs/gunicorn.stdout.log
stdout_stream.max_bytes = 10485760
stdout_stream.backup_count = 4
stderr_stream.class = FileStream
stderr_stream.filename = /home/taiga/logs/gunicorn.stderr.log
stderr_stream.max_bytes = 10485760
stderr_stream.backup_count = 4
[env:taiga]
PATH = /home/taiga/.virtualenvs/taiga/bin:$PATH
TERM=rxvt-256color
SHELL=/bin/bash
USER=taiga
LANG=en_US.UTF-8
HOME=/home/taiga
PYTHONPATH=/home/taiga/.virtualenvs/taiga/lib/python3.5/site-packages
/taiga-front-dist/dist/conf.json
{
"api": "https://example.com/api/v1/",
"eventsUrl": "wss://example.com/events",
"eventsMaxMissedHeartbeats": 5,
"eventsHeartbeatIntervalTime": 60000,
"eventsReconnectTryInterval": 10000,
"debug": true,
"debugInfo": false,
"defaultLanguage": "en",
"themes": ["taiga"],
"defaultTheme": "taiga",
"publicRegisterEnabled": true,
"feedbackEnabled": true,
"privacyPolicyUrl": null,
"termsOfServiceUrl": null,
"maxUploadFileSize": null,
"contribPlugins": ["/plugins/slack/slack.json"],
"tribeHost": null,
"importers": ["trello"],
"gravatar": true
}
/taiga-back/settings/local.py
from .common import *
MEDIA_URL = "https://example.com/media/"
STATIC_URL = "https://example.com/static/"
SITES["front"]["scheme"] = "https"
SITES["front"]["domain"] = "example.com"
SITES["api"]["scheme"] = "https"
SITES["api"]["domain"] = "example.com"
SECRET_KEY = "theveryultratopsecretkey"
DEBUG = False
TEMPLATE_DEBUG = False
PUBLIC_REGISTER_ENABLED = True
Related
i have MERN stack application but in MERN i have MySql database, i m using ubuntu 20.04. when i running npm start in putty command line getting connection error to the database. Please help me to run my app.
This is my .env file:-
HOST = '141.136.47.10'
USER = 'root'
PASSWORD = ''
DATABASE = 'star_battery_db'
**This is my config file **
listen 80;
location / {
root /var/www/Star-Battery;
index index.html index.htm;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
try_files $uri $uri/ /index.html;
}
location /api {
proxy_pass http://141.136.47.10:5000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
Thank you!
I use Nginx as reverse proxy to forward my Https request to backend server (which runs in Http protocol with port 7654 in the same server). Everything works well in Safari and Firefox, but Chrome throws an error.
Chrome Error: net::ERR_CERT_AUTHORITY_INVALID
Below is my nginx.conf file. BTW, it also works fine when I use IP address instead of domain name in Chrome. How can I fix this problem?
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
server_name mydomain.name.lan;
root /usr/share/nginx/html;
ssl_certificate "/etc/pki/tls/certs/crt.crt";
ssl_certificate_key "/etc/pki/tls/private/key.key";
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
try_files $uri $uri/ /index.html;
}
location /app/v1/ {
proxy_pass http://localhost:7654;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
}
}
i can give you an example of working config, which works for all browsers (currently latest releases) which we use at company. TLDR story behind, we have docker swarm deployment, but we have entry point Nginx which runs on host, and has another Nginx inside container which then redirects trafic to specific API gateways and so on..
We are gonna focus on that first level Nginx (which is on host), which actually does all SSL checks and so on .. we use http inside docker (between pods & containers)..
Working example for linux:
server_tokens off;
server {
listen 443 http2 ssl;
server_name development.docker.company.si;
add_header Strict-Transport-Security "max-age=31536000" always;
proxy_buffering off;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
set $upstream_local_docker_proxy 10.10.0.2; #static location of inner nginx
ssl_certificate /etc/tls/si.company.docker.development-chain.crt;
ssl_certificate_key /etc/tls/si.company.docker.development-unencrypted.key;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
ssl_protocols TLSv1.2 TLSv1.3;
#here we just have /url-location-level-routing/ , in case you want to know
location /my-application-demo/ {
proxy_pass http://$upstream_local_docker_proxy;
proxy_set_header Host local.docker.company-my-application-demo;
rewrite ^/my-application-demo/(.*) /$1 break;
}
}
For a specific case you have, i have a windows config, all u need to do is change windows path of certs to linux and it should work:
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
upstream local-company1-api {
server localhost:5000;
}
server {
listen 443 http2 ssl;
server_name company1.company.si;
add_header Strict-Transport-Security "max-age=31536000" always;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
ssl_certificate C:\\tls\\si.company.company1-chain.pem;
ssl_certificate_key C:\\tls\\si.company.company1-unencrypted.pem;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
ssl_protocols TLSv1.2 TLSv1.3;
# ----------------------------------------------------------------------------------------------------
location / {
proxy_pass http://local-company1-api/;
proxy_redirect off;
}
}
}
I hope any of this helps.
Could you please help me to achieve the following
I want http://bla.domain.com to point to the link below.
http://bla.example.com:4321/?nick=Nick.....&&channels=Bulgaria%2CSofia%2Csex%2C30-40&prompt=1&uio=OD1mYWxzZSY5PXRydWUmMTI9dHJ1ZQf0&prompt=1
I have followed the original nginx stuff --> https://www.nginx.com/resources/wiki/start/topics/recipes/qwebirc/
In the moment the index.html was not presented as i want it
So another and better solution will be when someone open bla.example.com to open the hole link (http://bla.example.com:4321/?nick=Nick.....&&channels=Bulgaria%2CSofia%2Csex%2C30-40&prompt=1&uio=OD1mYWxzZSY5PXRydWUmMTI9dHJ1ZQf0&prompt=1) but i don't want tho hole link be presented because is hard to remember.
You can check below the conf i have made till now.
server { server_name bla.example.com;
location / {
autoindex on;
autoindex_exact_size off;
root /home/user/qwebirc/;
index index.html;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_buffering off;
proxy_pass http://127.0.0.1:4321;
}
#location / {
# autoindex on;
# autoindex_exact_size off;
# root /home/user/qwebirc/;
# index index.html;
# try_files $uri $uri/ #proxy;
#}
#location #proxy {
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header Host $host;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_buffering off;
# proxy_pass http://127.0.0.1:4321;
#}
location ~* \.php$ {
#include fastcgi.conf # I include this in http context, it's just here to show it's required for fastcgi!
try_files $uri =404; # This is not needed if you have cgi.fix_pathinfo = 0 in php.ini (you should!)
fastcgi_pass 127.0.0.1:9000;
}
### Logs ###
access_log /var/log/nginx/example.com.access.log;
error_log /var/log/nginx/example.com.error.log;
}
Please bear in mind that i have tried to run it with the comment stuff instead of the working now.
Also here below is the index.html located in /home/user/qwebirc/
<html lang="en" class="no-js">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1.0">
<style>
html body {width: 100%;height: 100%;padding: 0px;margin: 0px;overflow: hidden;font-family: arial;font-size: 10px;color: #6e6e6e;background-color: #000;} #preview-frame {width: 100%;background-color: #fff;}</style>
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js"></script>
<script>
var calcHeight = function() {
$('#preview-frame').height($(window).height());
}
$(document).ready(function() {
calcHeight();
});
$(window).resize(function() {
calcHeight();
}).load(function() {
calcHeight();
});
</script>
</head>
<body>
<iframe id="preview-frame" src="http://bla.example.com/?nick=Nick.....&&channels=Bulgaria%2CSofia%2Csex%2C30-40&prompt=1&uio=OD1mYWxzZSY5PXRydWUmMTI9dHJ1ZQf0&prompt=1" name="preview-frame" frameborder="0" noresize="noresize">
</iframe>
</body>
</html>
So the current config is looking like this and not working. I can not start nginx.
server { server_name bla.example.com;
location / {
autoindex on;
autoindex_exact_size off;
root /home/kiril/qwebirc/;
index index.html;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_buffering off;
#proxy_pass http://127.0.0.1:4321;
}
location = / {
proxy_pass "http://127.0.0.1:4321/?nick=Nick.....&&channels=Bulgaria%2CSofia%2Csex%2C30-40&prompt=1&uio=OD1mYWxzZSY5PXRydWUmMTI9dHJ1ZQf0&prompt=1";
}
location / {
proxy_pass http://127.0.0.1:4321;
}
location ~* \.php$ {
#include fastcgi.conf # I include this in http context, it's just here to show it's required for fastcgi!
try_files $uri =404; # This is not needed if you have cgi.fix_pathinfo = 0 in php.ini (you should!)
fastcgi_pass 127.0.0.1:9000;
}
### Logs ###
access_log /var/log/nginx/bla.example.com.access.log;
error_log /var/log/nginx/bla.example.com.error.log;
}
With uncomment proxy_pass http://127.0.0.1:4321; in the above location / and remove it below it's working but it's the same. It still can not achieve what is required.
You are appending a query string to the root URI and passing it through to the proxy. It may be easiest to split the proxy into two location blocks, one for the root URI and one for all other URIs. The common proxy statements can be moved into the outer block and inherited by both.
server {
server_name bla.example.com;
root /home/kiril/qwebirc;
index index.html;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_buffering off;
location = / {
proxy_pass "http://127.0.0.1:4321/?nick=Nick.....&&channels=Bulgaria%2CSofia%2Csex%2C30-40&prompt=1&uio=OD1mYWxzZSY5PXRydWUmMTI9dHJ1ZQf0&prompt=1";
}
location / {
proxy_pass http://127.0.0.1:4321;
}
location ~* \.php$ {
try_files $uri =404;
fastcgi_pass 127.0.0.1:9000;
}
access_log /var/log/nginx/bla.example.com.access.log;
error_log /var/log/nginx/bla.example.com.error.log;
}
The proxy_pass value is enclosed in quotes as it contains an embedded ;.
I have an ASP.NET Core site running behind an NGINX reverse-proxy on Linux. I'm running into an issue where if I do a file request through the proxy with a query string attached (i.e. for cache-busting), I'm getting 404 errors, but if I request the exact same URL directly from the application (not through NGINX), it works fine, and if I drop the query string, it also works fine.
Examples below (the NGINX proxy is listening on port 5000 and the application is listening on port 5002)...
If I use a url like:
http://host-name:5000/path/file.json
I get the result back correctly, and this is what appears on the application's console output:
[40m[32minfo[39m[22m[49m: Microsoft.AspNetCore.Hosting.Internal.WebHost[1]
Request starting HTTP/1.1 GET http://host-name:5000/path/file.json
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request starting HTTP/1.1 GET http://host-name:5000/path/file.json
[40m[32minfo[39m[22m[49m: Microsoft.AspNetCore.StaticFiles.StaticFileMiddleware[2]
Sending file. Request path: '/path/file.json'. Physical path: '/home/coreuser/debug/wwwroot/path/file.json'
Microsoft.AspNetCore.StaticFiles.StaticFileMiddleware:Information: Sending file. Request path: '/path/file.json'. Physical path: '/home/coreuser/debug/wwwroot/path/file.json'
[40m[32minfo[39m[22m[49m: Microsoft.AspNetCore.Hosting.Internal.WebHost[2]
Request finished in 400.9508ms 200 application/json
If I use a url like:
http://host-name:5002/path/file.json
I get the result back correctly, and this is what appears on the application's console output:
[40m[32minfo[39m[22m[49m: Microsoft.AspNetCore.Hosting.Internal.WebHost[1]
Request starting HTTP/1.1 GET http://host-name:5002/path/file.json
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request starting HTTP/1.1 GET http://host-name:5002/path/file.json
[40m[32minfo[39m[22m[49m: Microsoft.AspNetCore.StaticFiles.StaticFileMiddleware[2]
Sending file. Request path: '/path/file.json'. Physical path: '/home/coreuser/debug/wwwroot/path/file.json'
Microsoft.AspNetCore.StaticFiles.StaticFileMiddleware:Information: Sending file. Request path: '/path/file.json'. Physical path: '/home/coreuser/debug/wwwroot/path/file.json'
[40m[32minfo[39m[22m[49m: Microsoft.AspNetCore.Hosting.Internal.WebHost[2]
Request finished in 28.2031ms 200 application/json
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request finished in 28.2031ms 200 application/json
If I use a url like:
http://host-name:5002/path/file.json?_dc=1020
I get the result back correctly, and this is what appears on the application's console output:
[40m[32minfo[39m[22m[49m: Microsoft.AspNetCore.Hosting.Internal.WebHost[1]
Request starting HTTP/1.1 GET http://host-name:5002/path/bootstrap.json?_dc=1020
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request starting HTTP/1.1 GET http://host-name:5002/path/bootstrap.json?_dc=1020
[40m[32minfo[39m[22m[49m: Microsoft.AspNetCore.StaticFiles.StaticFileMiddleware[2]
Sending file. Request path: '/path/file.json'. Physical path: '/home/coreuser/debug/wwwroot/path/file.json'
Microsoft.AspNetCore.StaticFiles.StaticFileMiddleware:Information: Sending file. Request path: '/path/file.json'. Physical path: '/home/coreuser/debug/wwwroot/path/file.json'
[40m[32minfo[39m[22m[49m: Microsoft.AspNetCore.Hosting.Internal.WebHost[2]
Request finished in 146.8157ms 200 application/json
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request finished in 146.8157ms 200 application/json
If I use a url like:
http://host-name:5000/path/file.json?_dc=1020
I get a 404 error, and this is what appears on the application's console output:
[40m[32minfo[39m[22m[49m: Microsoft.AspNetCore.Hosting.Internal.WebHost[1]
Request starting HTTP/1.1 GET http://host-name:5000/path/file.json?_dc=1020
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request starting HTTP/1.1 GET http://host-name:5000/path/file.json?_dc=1020
[40m[32minfo[39m[22m[49m: Microsoft.AspNetCore.Hosting.Internal.WebHost[2]
Request finished in 379.4175ms 404
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request finished in 379.4175ms 404
Now, I'm not clear on whether this is an issue with NGINX messing with what it is forwarding to the ASP.NET Core application, or it isn't just an issue with the ASP.NET Core application (and/or Kestrel) getting thrown off by the combination of query string and the proxy's port number showing up on the request.
The relevant part of the NGINX configuration looks like this:
server {
server_name host-name;
listen 5000 default_server;
listen [::]:5000 default_server;
location / {
proxy_pass http://localhost:5002;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $http_host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Path $request_uri;
}
}
Any ideas?
EDIT:
I've since modified my server block to look like this:
server {
server_name host-name;
listen 5000 default_server;
listen [::]:5000 default_server;
root /var/www/path-to-debug/wwwroot;
location / {
if ($query_string ~ "^(.*)_dc=(.*)$") {
rewrite ^(.*)$ $uri?;
}
try_files $uri #proxy;
}
location #proxy {
proxy_pass http://localhost:5002;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $http_host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Path $request_uri;
}
}
Now that specific file is being fetched properly (bypassing Kestrel completely), but that seems to be messing with one of my controller calls that also has the _dc=XXXX attached.
I've gotten this part to work by modifying my server proxy block as below...it feels like a hack to me, but I haven't found a better solution yet. I also still have other issues, but will post separate questions for those if/when I can't figure them out.
server {
server_name host-name;
listen 5000 default_server;
listen [::]:5000 default_server;
root /var/www/path-to-debug/wwwroot;
location / {
if ($query_string ~ "^(.*)_dc=(.*)$") {
rewrite ^(.*)$ $uri?;
}
try_files $uri #proxy;
}
location #proxy {
proxy_pass http://localhost:5002;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $http_host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Path $uri;
}
}
I have two nginx instances running on two different machines. A acts as proxy for B while B itself proxies to some nodejs instances.
B is compiled with the ngx_http_realip_module to fetch the forwarded X-Real-IP of A. This is the config of B:
upstream request_proxy{
server 127.0.0.1:3000;
}
server {
server_name localhost;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_set_header X-NginX-Proxy true;
real_ip_header X-Real-IP;
proxy_pass http://request_proxy;
proxy_redirect off;
}
}
All I get in the request['headers']['x-real-ip'] is 192.168.0.1, which is the internal IP of A.
What am I doing wrong?
Regards,
Alex
I got a same error, seems like we need to save real ip additional like proxy_set_header realip $remote_addr;