Dynamic add reverse proxy in nginx - nginx-reverse-proxy

I would like to have some kind of dynamic setup the reverse proxy for my nginx configuration based on what customer input.
Like example customer input : http://10.10.10.3 then the reverse proxy will be setup in the nginx configuration file.
Any API which can help me to do that?

Related

httpd proxy any domain

Is it possible to configure a vhost on httpd that accepts any domain received and proxies to the actual website? Like subdomain wildcard but for the domain.
I'm assuming that tools like Squid Proxy can do this just fine, I'm just curious if it can be done with apache.
Sure that is possible, but you don't even need a proxy for that. The apache http server offers the concept of a "default virtual host". Which is exactly what you want: that host is responsible to respond to incoming requests to http hosts that do not have a specific configuration.
The default typically simply is the first of all hosts defined inside an apache http server.
An alternative I personally use is to setup the virtual hosts by just a basic configuration (name, admin and the like), but to include the actual content configuration (DocumentRoot and rewriting stuff) from a separate file). That way you can easily share the same setup between many virtual hosts but still have individual configuration options per domain, subdomain, http host, however you want to call that (there is no difference for the http server anyway, it is all http hosts).

HTTPS redirect traefik v2

I'm trying to setup traefik v2 on a development server we have.
The setup:
Docker serving dozens of nginx containers acting as a frontend for different projects. Every nginx container has a unique domain linked to it. Nginx is running on port 80. Every project has a separate docker-compose (traefik also has a separate docker-compose).
What I'm trying to accomplish:
Proxy all of the containers to traefik and add new ones on the go (new services are stopped/started all the time). Make traefik automatically redirect to HTTPS and contact the appropriate nginx container based on the hostname in order to serve the website.
Question: Is this even possible to do? I've been trying to figure it out for the past day or so but I can't get everything to work. Either the redirect doesn't work or if it does it returns 404.
Managed to find a guide that covers this:
https://chriswiegman.com/2019/10/serving-your-docker-apps-with-https-and-traefik-2/
To extend what the guide pointed to, the magic sauce is in LABELS. It can be broken down to this:
# Setup HTTP
# tells traefik that cany HTTP connection needs to be re-directed to HTTPS
- "traefik.http.middlewares.mysite-https.redirectscheme.scheme=https"
# 'web' (or any name) can be defined my traefik entrypoints. Web is port 80.
- "traefik.http.routers.mysite-http.entrypoints=web"
# tells to route incoming connections to 'mysitesdomain.com' to this service
- "traefik.http.routers.mysite-http.rule=Host(`mysitesdomain.com`)"
# Maps the above 'middleware' called 'mysite-https'
- "traefik.http.routers.mysite-http.middlewares=mysite-https#docker"
# Setup HTTPS
- "traefik.http.routers.mysite.entrypoints=web-secure"
- "traefik.http.routers.mysite.rule=Host(`mysitesdomain.com`)"
- "traefik.http.routers.mysite.tls=true"
- "traefik.http.routers.mysite.tls.certresolver=default"
What seems to be missing the loadbalancer definition.
- "traefik.http.services.replica_service.loadbalancer.server.port=80" # "80" is the container's incoming port.

Can Apache be setup as forward proxy and reverse proxy at the same time?

I want to achieve the following:
My app services user requests like so:
user request www.mysite.com -> Apache reverse proxy -> 192.168.1.1:8080/myApp
My app also makes requests but I want to route through a proxy:
192.168.1.1:8080/myApp -> Apache forward proxy -> www.google.com
Can I set this up on the same Apache server? If not, can I do it with two Apache servers on the same system?
My solution is to set up two virtual hosts in apache with different ports, one acting as a reverse proxy and the other, a forward proxy.
One conf file contains ProxyRequest on which makes Apache work as Forward-proxy and put ProxyRemote to localhost:high-port, and another conf file contains VHOST block for each port with ProxyRequest off which make Apache as Reverse-proxy.

Configure Apache Web server to use a proxy server

I want to configure Apache web server to use a proxy server, so that all the outbound requests go through this proxy server. Could you please help me how to do this? I tried with Proxifier, but it didn't help me much.
If you need to proxy outbound requests, you can use ProxyRemote from mod_proxy http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxyremote
ProxyRemote * http://ip.of.proxY.host:port
If you're using Apache the simpler way is to define a global variable http_proxy. On RedHat like edit /etc/sysconfig/httpd and adjust these two lines to your environment:
export http_proxy="http://proxy:8080/"
export https_proxy="http://proxy:8080/"

How to setup a forward proxy and a reverse proxy on the same server using Apache HTTPD

I have an application that acts as both a HTTP server as well as a HTTP client. For security reasons, the application runs on a server on a protected/internal network. I would like to setup a HTTP proxy that acts as an external interface for external parties to access the application.
For external HTTP clients to access my application, I would like to have a reverse proxy to handle such scenarios.
For HTTP request from my application to external parties, I would like to have a forward proxy to ensure my proper external URL's are sent to the external parties.
Question: Can Apache HTTPD proxy be configured to run a both a forward proxy and reverse proxy at the same time?
The short answer (from my reading of the docs) is No.
The forward proxy is activated using the ProxyRequests directive
A reverse proxy is activated using the ProxyPass directive.
The reverse proxy docs state
The ProxyRequests directive should
usually be set off when using
ProxyPass.
I think if you enable both on the same server, there will be a possible clash in your Allow, Deny settings for IPs etc