I have setup ELK using docker (https://github.com/deviantony/docker-elk).
Then I added a subdomain to nginx with this config:
location / {
auth_basic "closed site";
auth_basic_user_file /var/www/passwd;
proxy_http_version 1.1;
proxy_set_header Connection "Keep-Alive";
proxy_set_header Proxy-Connection "Keep-Alive";
proxy_pass http://localhost:5601;
}
When I now visit this subdomain I see that Kibana loads but then fails.
This is what my browser console shows:
When I visit Kibana directly using the IP of my server and the port 5601 it runs flawlessly. This only happens when being proxy_passed through nginx.
Related
Quick backstory, I used Laravel Valet to setup a local development environment. I've since containerized the application and would like to just have Nginx proxy the main port 80 traffic to the localhost:8000 port the docker container is listening at. I've tried to remove (unpark/stop) Valet. I've commented out the lines from the nginx.conf that refer to the Valet config files. Nothing seems to work though
Here is my conf:
server {
listen 80;
server_name app.trucase.test paylaw.trucase.test;
location / {
proxy_pass http://127.0.0.0:8000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
I can go to app.trucase.test:8000 and it all works. But without the port, Nginx just isn't proxying the traffic. What am I missing?
I used nginx proxy for elasticsearch http://localhost:9200 as below shown
location /elasticsearch {
proxy_pass http://localhost:9200;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
but when i try to run https://<nginx_server>/elasticsearch
I got below error, any idea why? maybe I need change basePath and rewriteBasePath at elasticsearch.yml?but i did not find this option. I could not use subdoamin (e.g elasticsearch.domain_name) , i am sure if I can use suddomain for servername at nginix conf, it will be no problem at all
{"error":{"root_cause":[{"type":"index_not_found_exception","reason":"no such index","resource.type":"index_or_alias","resource.id":"elasticsearch","index_uuid":"_na_","index":"elasticsearch"}],"type":"index_not_found_exception","reason":"no such index","resource.type":"index_or_alias","resource.id":"elasticsearch","index_uuid":"_na_","index":"elasticsearch"},"status":404}
Thank you for looking on this.
I have a Magento 2.1.8 website and it will run on the Amazon EC2 with this https://aws.amazon.com/marketplace/pp/B007OUYR4Y Amazon AMI.
I have optimized everything on Magento 2 website but did not get the proper result on this.
I have tried to use the Varnish cache but it is not working with the HTTPS.
anyone have an idea, how can use the varnish with the HTTPS to optimize the website speed.
Varnish Cache does dot speak HTTPS natively. You'll need an SSL terminator such as Hitch, HAProxy, etc. deployed in front of Varnish, ideally using the PROXY protocol.
With my setups I use NGINX as a proxy to handle both http and https requests and then use Varnish as the backend so NGINX handles all the SSL certificates.
Here's an example of my NGINX ssl template:
server {
listen server-ip:443 ssl;
server_name example.com www.example.com;
ssl_certificate /home/user/conf/web/ssl.example.com.pem;
ssl_certificate_key /home/user/conf/web/ssl.example.com.key;
location / {
proxy_pass http://varnish-ip:6081;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Nginx on;
proxy_redirect off;
}
location #fallback {
proxy_pass http://varnish-ip:6081;
}
}
Actually i need to run rstudio server using https.
By default is http://server-ip:8787
I am following this file- (ssl- configuration)
https://s3.amazonaws.com/rstudio-server/rstudio-server-pro-0.98.507-admin-guide.pdf
You can set-up access to the RStudio server via a proxy. By doing that and setting up the Apache or Nginx web server to use SSL, you will have secure access to the RStudio server.
Here's an example of how you can both Shiny and RStudio running on the same domain using SSL and Nginx. If you use https://YOURDOMAIN/ it will run your shiny apps; https://YOURDOMAIN/rstudio to be able to edit the shiny apps directly from the browser!
Replace YOURDOMAIN with your server URL:
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
#Server with proxy
server {
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
ssl_certificate /etc/letsencrypt/live/YOURDOMAIN/cert.pem;
ssl_certificate_key /etc/letsencrypt/live/YOURDOMAIN/privkey.pem;
server_name YOURDOMAIN;
location / {
proxy_pass http://localhost:3838;
proxy_redirect http://localhost:3838/ $scheme://$host/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_read_timeout 20d;
}
location /rstudio/ {
rewrite ^/rstudio/(.*)$ /$1 break;
proxy_pass http://localhost:8787;
proxy_redirect http://localhost:8787/ $scheme://$host/rstudio/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_read_timeout 20d;
}
}
Unfortunately SSL is only available in the paid version.
See: https://www.rstudio.com/products/rstudio-server-pro/
I've got an Nginx/Gunicorn/Django server deployed on a Centos 6 machine with only the SSL port (443) visible to the outside world. So unless the server is called with the https://, you won't get any response. If you call it with an http://domain:443, you'll merely get a 400 Bad Request message. Port 443 is the only way to hit the server.
I'm using Nginx to serve my static files (CSS, etc.) and all other requests are handled by Gunicorn, which is running Django at http://localhost:8000. So, navigating to https://domain.com works just fine, as do links within the admin site, but when I submit a form in the Django admin, the https is lost on the redirect and I'm sent to http://domain.com/request_uri which fails to reach the server. The POST action does work properly even so and the database is updated.
My configuration file is listed below. The location location / section is where I feel like the solution should be found. But it doesn't seem like the proxy_set_header X-* directives have any effect. Am I missing a module or something? I'm running nginx/1.0.15.
Everything I can find on the internet points to the X-Forwarded-Protocol https like it should do something, but I get no change. I'm also unable to get the debugging working on the remote server, though my next step may have to be compiling locally with debugging enabled to get some more clues. The last resort is to expose port 80 and redirect everything...but that requires some paperwork.
[http://pastebin.com/Rcg3p6vQ](My nginx configure arguments)
server {
listen 443 ssl;
ssl on;
ssl_certificate /path/to/cert.crt;
ssl_certificate_key /path/to/key.key;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
server_name example.com;
root /home/gunicorn/project/app;
access_log /home/gunicorn/logs/access.log;
error_log /home/gunicorn/logs/error.log debug;
location /static/ {
autoindex on;
root /home/gunicorn;
}
location / {
proxy_pass http://localhost:8000/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Scheme $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Protocol https;
}
}
Haven't had time yet to understand exactly what these two lines do, but removing them solved my problems:
proxy_redirect off;
proxy_set_header Host $host;