I have working Vuejs + Laravel App behing NGINX proxy. All my Laravel request are rest based and at www./app/$. It was working fine at separte ports. But when i switched to SSL. My frontend (Vuejs) still working fine but whenever I tried to send post request to backend (laravel), I receive [error] 8#8: *80 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream.
In 443 ssl block I am diverting all rest api calls to phpfpm but its not working somehow. What is recommended way of deploying these vuejs+ laravel on SSL nginx.
In the past, I've tried moving phpfpm in the ssl server block. I tried adding http on in fastcgi setting. After all changes, Following code:
Following is my Conf file.
server {
listen 81; # backend at laravel
index index.php index.html;
root /var/www/public;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
location / {
try_files $uri /index.php?$args;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass app:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
}
server {
listen 88; # frontend vuejs build app
index index.html;
server_name app.lookahead.com www.app.lookahead.com;
error_log /var/log/nginx/error.log;
access_log /var/log/nginx/access.log;
root /var/www/front;
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
return 301 https://$host$request_uri;
}
server {
listen 443;
server_name app.lookahead.com;
ssl_certificate /etc/certs/app.lookahead.com/cert.crt;
ssl_certificate_key /etc/certs/app.lookahead.com/cert.key;
ssl on;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/access.log;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://localhost:8088;
proxy_read_timeout 90;
return 301 https://www.app.lookahead.com$request_uri;
}
location ^~ /api {
root /var/www/public; #backend api at this root
try_files $uri $uri/ /api/index.php$is_args$args;
location ~* \.php(/|$) {
fastcgi_pass app:9000;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}
}
##https://www.app.lookahead.com
server {
server_name www.app.lookahead.com;
listen 443;
ssl_certificate /etc/certs/app.lookahead.com/cert.crt;
ssl_certificate_key /etc/certs/app.lookahead.com/cert.key;
ssl on;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;
root /var/www/front; #frontend static vuejs files at this root
index index.html;
error_log /var/log/nginx/error.log;
access_log /var/log/nginx/access.log;
location ^~ /api {
root /var/www/public; # backend api is at this root
try_files $uri $uri/ /api/index.php$is_args$args;
location ~* \.php(/|$) {
fastcgi_pass app:9000;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}
# nginx serving frontend
location / {
try_files $uri $uri/ #rewrites;
}
location #rewrites {
rewrite ^(.+)$ /index.html last;
}
}
Related
I have a subdomain at
https://numan-rest.allrestaurants.us/
however if I try to open it with http like
http://numan-rest.allrestaurants.us/
or with www www.numan-rest.allrestaurants.us
I am getting redirected to the main domain at allrestaurants.us/
I want to stay in subdomain even if I request with HTTP, without any protocol and with WWW
this is how my nginx conf looks like in /etc/nginx/sites-available/default
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /var/www/allrest/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
charset utf-8;
index index.html index.htm index.php;
# Enable nginx status page for Zabbix
location = /basic_status {
stub_status;
allow 127.0.0.1;
allow ::1;
deny all;
}
# Enable php-fpm status page for Zabbix
location ~ ^/(status|ping)$ {
## disable access logging for request if you prefer
access_log off;
## Only allow trusted IPs for security, deny everyone else
allow 127.0.0.1;
deny all;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_index index.php;
include fastcgi_params;
## Now the port or socket of the php-fpm pool we want the status of
# fastcgi_pass 127.0.0.1:9000;
fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
}
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_connect_timeout 3600;
fastcgi_send_timeout 3600;
fastcgi_read_timeout 3600;
fastcgi_buffering off;
}
location ~ /\.(?!well-known).* {
deny all;
}
location ~* \.(png|jpg|jpeg|gif|svg|ico)$ {
expires 30d;
add_header Cache-Control "public, no-transform";
}
error_log /var/log/nginx/allrest_error.log;
access_log /var/log/nginx/allrest_access.log;
}
and this is laravel routes
Route::group(['domain' => '{subdomain}.' . config('allrest.app_domain')], function () {
Route::get('/', 'SubdomainController#show');
});
Route::group(['domain' => 'www.{subdomain}.' . config('allrest.app_domain')], function () {
Route::get('/', 'SubdomainController#show');
});
I tried with adding
return 301 https://$host$request_uri;
at the end of nginx conf but that prevent accessing the website completetly
and chrome give error To many redirects
and this is how my digital ocean DNS rules are
digitalocean Dns Records
No load balancer at digital ocean
Load Balancer Digital ocean
However I found some rules in firewall setting I don't know if it has something to do with these rules
Here is the picture Firewall rules Digital ocean
I'm trying to deploy my laravel app to ubuntu using nginx, everything was fine before I using ssl. But after I using ssl, it's not working anymore if I'm accessing my website using outside network (still working if I access it using server network).
this is my nginx configuration:
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name kopidw.id www.kopidw.id;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
ssl on;
ssl_certificate /etc/nginx/ssl/certificate_kopinedw.crt; #path to your public key
ssl_certificate_key /etc/nginx/ssl/private_kopinedw.key; #path to your private key
ssl_client_certificate /etc/nginx/ssl/ca-bundle.crt;
ssl_verify_client optional;
root /var/www/html/kopinedw-cms/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
This is my first time using nginx, so I don't have any Idea why I got ERR_TOO_MANY_REDIRECTS.
Any help would be very helpful for me, thanks
I'm struggling for few days to find a solution. It seems that my nuxt/axios proxy configuration are not taken into account when my site is on production. Locally everything is working fine but once the site is on the server my ajax calls hit mysite.com/api/ect... instead of being proxy to mysite.com/api/v1/ect. I tried to play with axios.baseURL and various configuration but nothing seems to work.
axios: {
proxy: true,
credentials: true,
},
proxy: {
'/api/': { target: 'mysite.com/api/v1', pathRewrite: {'^/api/': ''} },
},
Maybe the issue comes from my Nginx configuration ? I use a reverse proxy to serve a nuxt app on mysite.com and a laravel api on mysite.com/api. Can this be the problem ?
# FORGE CONFIG (DO NOT REMOVE!)
include forge-conf/mysite.com/before/*;
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name mysite.com;
server_tokens off;
root /home/forge/api/public;
# FORGE SSL (DO NOT REMOVE!)
ssl_certificate /etc/nginx/ssl/....
ssl_certificate_key /etc/nginx/ssl/....
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers .....
ssl_prefer_server_ciphers off;
ssl_dhparam /etc/nginx/dhparams.pem;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.htm index.php;
charset utf-8;
# FORGE CONFIG (DO NOT REMOVE!)
include forge-conf/mysite.com/server/*;
location /api {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/mysite.com-error.log error;
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location / {
proxy_pass http://127.0.0.1:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
# FORGE CONFIG (DO NOT REMOVE!)
include forge-conf/mysite.com/after/*;
Thanks for your help and recommendation,
Don't use API_URL if you use proxy mode. Use prefix instead of.
Turn on debug for check the proxyRequest:
proxy property in nuxt.config.js:
proxy: {
// target, others options
logLevel: ‘debug’,
onProxyReq(proxyReq, req, res) {
// console.log here
}
}
I have a nuxt application SPA for the front end and a laravel API. Nuxt calls on API for request. I am trying to deploy this in one digital ocean droplet but I am having problems with it. My laravel application seems to be working but I cant get nuxt to show here is my set up
Ubuntu 20
nginx 1.18
php 7.4
laravel nginx server block
server {
listen 80;
server_name DROPLET_IP;
root /var/www/laravel-api/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
here is my nuxt server block:
server {
listen 3000;
server_name DROPLET_IP;
keepalive_timeout 60;
index index.html;
location / {
root /var/www/nuxt-front/dist;
}
}
both of these are in their own sites-available and symlink to sites enable.
for some reason when I access http://DROPLET_IP:3000. it just hangs.
Is there a special way I should be doing this to run as expected?
Use root
server {
listen 80;
server_name example.com;
keepalive_timeout 60;
root /var/www/nuxt-front/dist;
}
or
use proxy pass
server {
listen 80;
server_name example.com;
location / {
proxy_pass http://127.0.0.1:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
I have read this tutorial to set up SSL for my laravel site. I did not read everything (oops), and did not delete the "default" site. I have generated CSR from default site (but with example.com for domain). Now I have my certificate and i have installed it through laravel forge, but it does not work:
cannot connect to https://example.com (browser / curl)
http://example.com does not redirect to https
Nothing in /var/log/nginx/default-error.log
I restarted nginx
Here is my /etc/nginx/sites-available/default file content :
server {
listen 80;
#server_name default;
server_name example.com www.example.com;
#return 301 default$request_uri;
return 301 https://example.com$request_uri;
}
server {
listen 443 ssl;
#server_name default;
server_name example.com www.example.com;
root /home/forge/default/public;
# FORGE SSL (DO NOT REMOVE!)
ssl_certificate /etc/nginx/ssl/default/XXXXX/server.crt;
ssl_certificate_key /etc/nginx/ssl/default/XXXXX/server.key;
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/default-error.log error;
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
What can I do to make it work ?
Ok, it was a certificate problem. I tried nginx -t and there was an error, now I restarted all the process and everything is alright now.