I have a 3 servers: 1 nginx and 2 apache webservers
All traffic needs to go through the nginx to the apache servers
nginx (192.168.1.100)
web1 (192.168.1.101)
web2 (192.168.1.201)
I am having difficulty passing "development" subdomains to the correct servers for clients whose domains are not yet pointed at my nginx server.
I have a root domain for the business "mydomain.com" such that "web1.mydomain.com" should point directly to "web1" and "web2.mydomain.com" should point to "web2"
Further, if I add another sub-domain to the front of web1.mydomain.com or web2.mydomain.com, it should forward the request to the correct server.
example: test.net.web1.mydomain.com should forward to web1 and be served by the vhost on web1 for test.net.
I have tried several server_name configurations but cannot get the subdomains to route correctly.
upstream web1 {
server 192.168.1.101:80;
}
server_name web1.mydomain.com;
proxy_pass http://web1;
server_name *.web1.mydomain.com;
proxy_pass http://$1.web1;
server_name (.*?).web1.mydomain.com;
proxy_pass http://$1.web1;
server_name (.*?).web1.mydomain.com;
proxy_pass http://web1;
server_name .web1.mydomain.com;
proxy_pass http://web1;
Neither "web1.mydomain.com" or "test.net.web1.mydomain.com" will forward to the apache server. I either get a "This site can't be reached" or the default test page for nginx.
Also I have used mxtools and the domain web1.mydomain.com and web2.mydomain.com are pointed at the nginx server ip address.
current .conf file for web1:
upstream web1 {
server 192.168.1.101:80;
}
server {
listen 80;
server_name .web1.mydomain.com;
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto http;
proxy_http_version 1.1;
proxy_redirect off;
proxy_pass http://web1;
}
}
Related
I'm creating a website with NGINX handling Static content, SSL and all that stuff, while my API and non-static websites are handled by Express.
Now, I'd like NGINX to pass stuff like "/update" to Express. However, I'm not sure how to configure that.
Is the example below from DigitalOcean functional for https websites in the first place? Shouldn't I configure the same SSL certificate that NGINX uses to Express, so it redirect to https://website.com/update instead of http://website.com/update?
location / {
proxy_pass http://localhost:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
Thanks in advance!
To proxy pass any API request starting with /update Example: http://localhost:3000/update, http://localhost:3000/update/test etc.. You can use below nginx config inside server block:
location /update {
proxy_pass http://localhost:3000;
}
If you want to redirect http://website.com/update to https://website.com/update . You will need to create a server at 80 port which will redirect any request that come at 80 port will be redirect to https://website.com/update
server {
listen 80;
listen [::]:80;
server_name website.com;
return 301 https://website.com$request_uri;
}
Is it possible to set up DNS records using CloudFlare that would allow me to have subdomains pointing to two different ports on my local machine?
For example, one application running on port 80, and another on port 8880? According to this link the ports should both be supported:
https://blog.cloudflare.com/cloudflare-now-supporting-more-ports/
I'd like to have:
sub1.domain.com -> 1.2.3.4:80
sub2.domain.com -> 1.2.3.4:8880
I've looked at SRV records, but it doesn't seem to allow IP addresses as targets.
You can use a reverse proxy like nginx and use it along with Cloudflare for the purpose.
Check this link to learn about installing and configuring nginx as reverse proxy.
https://www.digitalocean.com/community/tutorials/how-to-set-up-a-node-js-application-for-production-on-ubuntu-16-04
an example configuration looks like this
server {
listen 80;
server_name subdomain.example.com;
location / {
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://local_ip:8081;
}
}
server {
listen 80;
server_name subdomain2.example.com;
location / {
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://local_ip:port;
}
}
I am having a Amazon EC2 Ubuntu instance. I have installed LAMP server and tomcat 7. I also have application running in tomcat.
Now, my URL for apache is - http://ec2-54-xx-xx-xx.us-west-2.compute.amazonaws.com/
My URL for tomcat application is: http://ec2-54-xx-xx-xx.us-west-2.compute.amazonaws.com:8080
Instead of writing the 8080 part, I would like to call this directly via the URL http://ec2-54-xx-xx-xx.us-west-2.compute.amazonaws.com/.
I went through lot of tutorials, all are invalid, out dated or missing details. I am apache2, so the files inside the apache2 directory are below.
How can I do this "properly"? Because I will purchase a domain name in this weekend and I will replace the long amazon URL with this one soon as well.
What you need is a reverse proxy. You should setup nginx or httpd server instance, which would proxy requests from port 80 (http) to your local 8080 port (tomcat).
Here's a sample configuration for nginx:
upstream tomcat {
server 127.0.0.1:8080; # your tomcat app address
}
server {
listen 80;
root /path/to/your/app/directory;
index index.html index.htm;
server_name your.app.domain;
location / {
try_files $uri $uri/index.html $uri.html #tomcat;
}
location #tomcat {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_redirect off;
proxy_pass http://tomcat;
}
}
I am using Ghost as a blogging platform and nginx as a reverse proxy for ghost as detailed in the documentation. Ghost is installed in a subdirectory and is served over the domain http://example.com/blog whereas the static website is served over example.com
I have set up SSL on my server and want to serve the ghost login page (example.com/blog/ghost) over SSL while serving the rest of the pages over normal HTTP. However if I use forceAdminSSL:true and try to go to http://example.com/blog/ghost it should automatically redirect me to https://example.com/blog/ghost. Instead I'm redirected to https://example.com/ghost and end up with 404 error. The only work around I have found that works is to use foreAdminSSL:{redirect:false} which is clumsy because then I have to manually type https in the address bar instead of http.
How do I server Ghost Admin panel over ssl while ghost is installed in a subdirectory? I guess this has something to do with configuration in nginx.
My nginx config block
server {
listen 80;
listen 443 ;
server_name *.example.com;
server_name example.com;
ssl on;
ssl_certificate /etc/nginx/ssl/certificate.crt;
ssl_certificate_key /etc/nginx/ssl/key.key;
location ^~/blog {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_set_header X-NginX-Proxy true;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://127.0.0.1:2786;
proxy_redirect off;
}
location / {
root "/home/ubuntu/somedirectory/";
index index.html;
}
I think you haven't entered the config URL while setting up Ghost correctly.
You can do this by running the following commands:
ghost config URL https://my-domain.com/blog/
ghost restart
If this doesn't solve the problem, you can check out a detailed tutorial, solving this issue, on my blog here
My goal is to redirect from port 80 to 443 (force https), but can't manage to get a working https configuration first. I get a 503 Server Error and nothing appears in the logs. I've looked at all the posts on SO and SF, none of them worked (X_FORWARDED_PROTO, X-Forwarded-For headers don't make a difference.). I'm on EC2 behind a load balancer, and so I don't need to use the SSL-related directives as I've configured my certificate on the ELB already. I'm using Tornado for a web server.
Here's the config, if anyone has ideas, thank you!
http {
# Tornado server
upstream frontends {
server 127.0.0.1:8002;
}
server {
listen 443;
client_max_body_size 50M;
root <redacted>/static;
location ^~/static/ {
root <redacted>/current;
if ($query_string) {
expires max;
}
}
location / {
proxy_pass_header Server;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_pass http://frontends;
}
}
}
Well, there are two different tasks:
If you need to redirect all your http traffic to https, you'll need to create http server in nginx:
server {
listen 80;
server_name example.com;
return 301 https://example.com$request_uri;
}
Second note, if your SSL is terminated at ELB than you dont need ssl enabled nginx server at all. Simply pass traffic from ELB to your server 80 port.