I'm working on an nginx s3 reverse proxy container image to proxy frontend files (Angular apps) from s3 behind an Application Load Balancer. The frontend files are located in the specific folder of the given app name in the s3 bucket. These are angular apps which are built using standard angular commands. The dist contents are uploaded to s3 and then the ALB route paths, along with the nginx locations map to those app folders in s3. For example, here is my nginx conf file:
server {
listen 80;
listen 443 ssl;
ssl_certificate /etc/ssl/nginx-server.crt;
ssl_certificate_key /etc/ssl/nginx-server.key;
server_name timemachine.com;
sendfile on;
default_type application/octet-stream;
resolver 8.8.8.8;
server_tokens off;
location ~ ^/app1/(.*) {
proxy_http_version 1.1;
proxy_buffering off;
proxy_ignore_headers "Set-Cookie";
proxy_hide_header x-amz-id-2;
proxy_hide_header x-amz-request-id;
proxy_hide_header x-amz-meta-s3cmd-attrs;
proxy_hide_header Set-Cookie;
proxy_set_header Authorization "";
proxy_intercept_errors on;
rewrite ^/app1/?$ /app1/index.html;
proxy_pass https://<s3 bucket name here>;
break;
}
}
So there is a corresponding bucket folder /app1 in s3 which has the dist contents and is serving up the index.html. And on the ALB, there are two route paths. The first is /app1 which redirects to https:{port}//app1/ and then the second route path /app1/* which just forwards to the nginx reverse proxy container deployed via ECS Fargate.
This is not using cloudfront. The bucket is proxied internally on https and specific permissions are set on the bucket to be accessible w/in the given VPC.
The angular apps have specific modules, but the issue is since Im not saving any of this content in the container, I can't just do a try_files, or set an index to make this work, since all of this is proxied from s3 and the content is accessed differently.
I can access the app at with the given proxy configuration above, but for other paths, say when I navigate to the part of the apps where its /app1/account and then do a refresh, the page throws an access denied on the bucket and I just get the standard xml page in the browser.
How do I get this to work with all of those other relative paths without having to add each of those paths to nginx or the ALB routes? In other words, I dont want to have to add
location /app1/account {
}
and so on, or something like that. Yes, Im sort of new to nginx, so im still figuring things out.
I was expecting the above proxy to work with all paths on /app1 but im unsure what other route paths need to be added to the ALB or if the regex is off, or what else needs to be added to the nginx conf file.
All that to say, when I enter this
https://timemachine.com/app1
or this,
https://timemachine.com/app1/
both work and just rewrite to the index.html which is good.
After this, when I click on another icon in the UI that directs to another path on /app1/, I get directed to the page correctly at...
https://timemachine.com/app1/news
but then on a refresh on this path, instead of hitting url https://timemachine.com/app1/news, with all the data shown when I accessed this through UI, the url stays at https://timemachine.com/app1/news but the page defaults to s3 bucket access denied on that route(.xml).
The goal is just to be able to reload on the pages I can already access without the UI blowing up and defaulting to the access denied message. So I would like to be able to just enter https://timemachine.com/app1/news, which will display the content, then do a refresh and see the content again.
The are various modules within the angular apps and so these are relative paths, which may be part of the problem.
NOTE: All files, aside from assets folder, are in the base app1 bucket folder. So https://<s3_bucket_name>/app1 (with app1 being the folder).
Angular's docs indicate to use the Frontend Controller pattern for static files like so:
Use try_files, as described in Front Controller Pattern Web Apps,
modified to serve index.html:
try_files $uri $uri/ /index.html;
Obviously, that won't work here (since the files aren't local to nginx) so my understanding is we're looking for equivalent logic to that for when the files are hosted elsewhere.
Route not-assets to index.html
All assets are in the /assets/ folder - so the simplest solution is to look for anything starting with not-that and proxy those requests to the html file for the response:
server {
location ~ /app1/ {
rewrite ^/app1/(?!assets/) /index.html;
proxy_pass https://domain/bucket/app1/;
}
}
That regex means that:
/app1/assets/some.css gets proxied to https://domain/bucket/app1/assets/some.css
/app1/ gets proxied to https://domain/bucket/app1/index.html
/app1/something/else gets proxied to https://domain/bucket/app1/index.html
etc.
Do note that this is going to make your app respond HTTP 200 OK with html to almost any url - which may be confusing.
If there are any problems setting this up, enable the nginx debug log to see to what url requests are being proxied, and determine the difference from what's desired.
I have a webapp made in React and when I run the dockerimage locally, it works fine. No issues. When I deploy it to ECS Fargate with nginx it gives me a lot of weird errors.
Specifically, it cannot find the static assets. Here is my nginx file:
server {
listen ${PORT:-80};
server_name _;
root /usr/share/nginx/html;
index index.html;
location / {
try_files $$uri /index.html;
}
I am unsure what to change here, or in my yml files to get it to access the static stuff on ECS.
The error I am getting is the following:
Failed to load resource: the server responded with a status of 503
Any help is appreciated, thank you
I have an existing VueJs/nuxt app. The same app but with different CSS/ Images need to be deployed on same server (different URL) - its the same app but for another client.
Currently what we do is pull the branch on the Linux server and execute npm run generate for the current app.
I presume we need to generate the other app into another folder.
Is this the best solution? Then how do we configure for the new URL to point to this new folder.
example : current URL is www.potato.com and new url for will be www.potato.com/newclient
Thanks for your help.
You can set a Reverse Proxy with Nginx and launch both apps in different ports.
Let's say that potato.com will be in port 4000 and potato.com/newclient will be in port 5000.
You basically state that in your Nginx
server {
servername www.potato.com
listen 80;
listen [::]:80;
location / {
proxy_pass http://127.0.0.1:4000;
}
location /newclient {
proxy_pass http://127.0.0.1:5000;
}
}
Now your apps can live anywhere in your file system. Just deploy them with different ports.
I'm running an app with heroku using their php buildpack.
Therefore my app starts with web: vendor/bin/heroku-php-nginx -C nginx.conf public/ where nginx.conf is my custom nginx config file that gets appended inside a server directive here: https://github.com/heroku/heroku-buildpack-php/blob/master/conf/nginx/heroku.conf.php#L60.
I'm wondering how I can set this up in a way where I can get ssl to work locally while still having a config that is consistent in both prod and dev?
I am new to setting up my own server with nginx so forgive any ignorance. I may have just been using the wrong search terms to find the answers to my questions.
Anyway, I am using Rails 3, Nginx, and Unicorn at the moment on a VPS on rackspace. In my rails app I have about 500mb of files in public/ and I would like to use Nginx to serve these. Typically this is just:
server {
listen 80 default deferred;
# server_name example.com;
root /home/<my_user>/apps/<my_app>/current/public;
...
}
I can make this work if I add the 500mb in public to the git repo and then deploy with capistrano, but I don't want all of those files in my git repo. It makes no sense to store them there, but if I remove them then I have to manually go upload them to my public folder on the server every time I deploy.
Is there a way to make Nginx point to a second folder of assets for it to server? I tried the following:
location /static {
gzip on;
alias /home/deployer/static/;
}
I haven't had any luck getting this to work (trying to access the files via url.com/static/...) Anyone know what I am doing wrong?
Side note: all of the shown code is in my config/nginx.conf file and it SHOULD be overriding the settings via this line in my deploy.rb:
sudo "ln -nfs #{current_path}/config/nginx.conf /etc/nginx/sites-enabled/#{application}"
location /static/ {
root /home/deployer;
}
http://nginx.org/r/alias
http://nginx.org/r/root