I'm trying to deploy my first Clojure WebSocket app and I think I'm getting close. I get a good response locally, and it looks like the endpoint wants to face the outside world (I see that the port is open when I run netstat), but no response. I'm certain that I have something setup incorrectly in nginx.
I currently already host a few other websites on this server, just want to add the necessary config to get requests made to wss://domain.com:8001 to communicate with my app.
Here is the location entry I'm using now:
location / {
proxy_pass http://localhost:8001;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
access_log /var/www/logs/test.access.log;
error_log /var/www/logs/test.error.log;
}
Could anyone help point me in the right direction? My guess is that I actually have too much in the config, and what's there is probably not correct.
** EDIT: ** For interested parties, I put up my working config (based on Erik Dannenberg's answer) in a gist.
You are missing two more headers, a minimal working config:
location / {
proxy_pass http://backend;
proxy_http_version 1.1;
# add the two below
proxy_set_header Upgrade websocket;
proxy_set_header Connection upgrade;
# optional, but helpful if you run into timeouts
proxy_read_timeout 86400;
}
Related
I was asked by my workers council to remove the author and assignee filter from the SonarQube issues page. I'm using SonarQube version 6.7.7 (build 38951).
Currently I don't see any option to configure this. Is there any option to remove the filter? I know that I can disable to analysis of of the SCM commits at all, but I want to keep the my issues feature and the notification on new issue.
Unfortunately, it is impossible by using only SonarQube (check the proposal about the nginx proxy configuration) and won't be implemented. Read more details here: SONAR-11028 Turning off developer nominative information/metrics.
Finally we are now using a workaround that filters certain requests to the SonarQube API with an nginx reverse proxy.
Here is a configuration example:
events {
worker_connections 1024;
}
http {
server {
listen 80;
listen [::]:80;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://sonarqube:9000;
}
location /api/issues/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_set_header Accept-Encoding "";
proxy_pass http://sonarqube:9000;
sub_filter_once off;
sub_filter_types application/json;
sub_filter 'authors' 'XXXXXXXXXX';
sub_filter 'assignees' 'XXXXXXXXXX';
}
}
}
I wanted to split my applications so that I can configure Tomkat into two different domains "example.com" and "api.example.com". Is it possible to do this with one application? So that some requests are processed on subdomain.
Sure, you can multiple domains of redirecting to multiple Tomcat applications. You would need to install the applications in your Tomcat and make them listen for different ports. Then if you were to use Nginx, all you have to do is change the server clause in your /sites-enabled/ directory from your installation. For your case, you will need two files, one for each domain.
FILE 1
server {
server_name example.com;
location / {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:8080;
}
}
FILE 2
server {
server_name api.example.com;
location / {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:8081;
}
}
You can find more information in the following url.
I have an API with Goliath gem (ruby) and I want to get the ip of the movile which is calling to my API. The case is, env['REMOTE_ADDR'] always give me 127.0.0.1 when some device is calling me. It shoud be the ip from the mobile is calling me, right?
Any help please?
Thanks in advance!
The problem was with proxying through Nginx. I had to change the Nginx proxy configuration as follows.
upstream app_xxx {
server 127.0.0.1:3000;
}
server {
listen 80;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_pass http://app_xxx;
}
}
The important thing is: The real IP is in the X-Real-IP parameter. So you have to access it as:
env['X-Real-IP']
I need tornado-sockJS Nginx configuration i cant find any documentation on the web who can help me?
not working tornado-nginx configurations with sockJS ..
I use SockJS-Tornado in my blog application. I create a SockJSRouter in my code here. My SockJSConnection subclass is defined in my code here, and here is my nginx.conf. The relevant lines of my nginx.conf are like:
location /blog/sock_js {
proxy_pass http://motor_blog;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
I've got an Nginx/Gunicorn/Django server deployed on a Centos 6 machine with only the SSL port (443) visible to the outside world. So unless the server is called with the https://, you won't get any response. If you call it with an http://domain:443, you'll merely get a 400 Bad Request message. Port 443 is the only way to hit the server.
I'm using Nginx to serve my static files (CSS, etc.) and all other requests are handled by Gunicorn, which is running Django at http://localhost:8000. So, navigating to https://domain.com works just fine, as do links within the admin site, but when I submit a form in the Django admin, the https is lost on the redirect and I'm sent to http://domain.com/request_uri which fails to reach the server. The POST action does work properly even so and the database is updated.
My configuration file is listed below. The location location / section is where I feel like the solution should be found. But it doesn't seem like the proxy_set_header X-* directives have any effect. Am I missing a module or something? I'm running nginx/1.0.15.
Everything I can find on the internet points to the X-Forwarded-Protocol https like it should do something, but I get no change. I'm also unable to get the debugging working on the remote server, though my next step may have to be compiling locally with debugging enabled to get some more clues. The last resort is to expose port 80 and redirect everything...but that requires some paperwork.
[http://pastebin.com/Rcg3p6vQ](My nginx configure arguments)
server {
listen 443 ssl;
ssl on;
ssl_certificate /path/to/cert.crt;
ssl_certificate_key /path/to/key.key;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
server_name example.com;
root /home/gunicorn/project/app;
access_log /home/gunicorn/logs/access.log;
error_log /home/gunicorn/logs/error.log debug;
location /static/ {
autoindex on;
root /home/gunicorn;
}
location / {
proxy_pass http://localhost:8000/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Scheme $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Protocol https;
}
}
Haven't had time yet to understand exactly what these two lines do, but removing them solved my problems:
proxy_redirect off;
proxy_set_header Host $host;