I have multiple Sinatra apps on unicorn + nginx and I want to proxy the second Sinatra app to be on a /app path.
root
root/app
Here is my nginx configuration file:
upstream root {
# Path to Unicorn SOCK file, as defined previously
server unix:/tmp/unicorn.root.com.sock fail_timeout=0;
}
upstream app {
# Path to Unicorn SOCK file, as defined previously
server unix:/tmp/unicorn.app.io.sock fail_timeout=0;
}
server {
listen 80;
# Set the server name, similar to Apache's settings
server_name root.com www.root.com;
# 301 redirect http://root.com$requesturi;
# Application root, as defined previously
root /var/www/root.com/public;
try_files $uri/index.html $uri #root;
location #root {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://root;
}
location /app {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://app;
}
error_page 500 502 503 504 /500.html;
client_max_body_size 4G;
keepalive_timeout 10;
access_log off;
}
Using the configuration above I get a 404 from the app application.
How can I achieve that?
Related
When i start octane it always use this host http ://127.0.0.1:8000 , which is usable in local development, but in production environnement i use domain name instead of localhost
Is there a way to change the hostname like http ://domain.com:8000 when we start octane.
Update:
I'm using apache
Update:
I switched to Nginx so, it works better than apache. But if someone managed to resolve this in Apache feel welcome to leave your configuration.
You need Nginx or Apache. It's already on Octane Documentation.
In the Nginx configuration example below file, Nginx will serve the site's static assets and proxy requests to the Octane server that is running on port 8000:
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 80; // or 8000
listen [::]:80; // or 8000
server_name domain.com;
server_tokens off;
root /your/octane_path/public;
index index.php;
charset utf-8;
location /index.php {
try_files /not_exists #octane;
}
location / {
try_files $uri $uri/ #octane;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/domain.com-error.log error;
error_page 404 /index.php;
location #octane {
set $suffix "";
if ($uri = /index.php) {
set $suffix ?$query_string;
}
proxy_http_version 1.1;
proxy_set_header Host $http_host;
proxy_set_header Scheme $scheme;
proxy_set_header SERVER_PORT $server_port;
proxy_set_header REMOTE_ADDR $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_pass http://127.0.0.1:8000$suffix;
}
}
You can change the hostname by passing the option --host=your-host to the octane command.
My application is split as:
Nuxt frontend website in a repository
Laravel backoffice AND API in a different repository (same server)
What I'm trying to achieve is setting up nginx into two server blocks, so that:
Nuxt is served via port 3000 (reverse proxy)
Laravel's backoffice is served as a regular php webpage on port 80
The API is served on port 8000 so that the website can fetch data
These are my HTTP configs:
API and backoffice
server {
listen 80;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
root /var/www/api/public;
server_name api.website.com;
index index.php index.html;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location /api {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://localhost:8000;
proxy_read_timeout 90;
proxy_redirect http://localhost:8000 https://api.website.com;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
}
location ~ /\.ht {
deny all;
}
ssl_certificate /etc/letsencrypt/live/api.website.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/api.website.com/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}
Website
server {
listen 80;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name website.com www.website.com;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
proxy_read_timeout 1m;
proxy_connect_timeout 1m;
proxy_pass http://127.0.0.1:3000;
}
ssl_certificate /etc/letsencrypt/live/www.website.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.website.com/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}
With these settings on nginx I'm getting a 403 when I try to reach the backoffice, and while the website works, I'm getting a gateway timeout ("Error occured while trying to proxy to") in any request I make.
How can I have it so that I can:
Browse to api.website.com and have the Laravel + Vue.js website open up
Browse to website.com and have the compiled Nuxt website open and fetching API data from api.website.com:8000
Both of these while under HTTPS
Any help would be greatly appreciated.
I setup my Laravel project in Nginx using reverse-proxy.
Here is my reverse-proxy.conf for the project
server {
listen 8090;
listen [::]:8090;
access_log /var/log/nginx/localhost.laravel-access.log;
error_log /var/log/nginx/locahost.laravel-error.log error;
location ~ \.(js|css|png|jpg|gif|swf|ico|pdf|mov|fla|zip|rar)$ {
try_files $uri =404;
}
location ^~ / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_redirect off;
proxy_pass http://XXX.XX.X.X:8082/;
}
}
currently the setup is listening to port 8090. so when I access the project, it is on
XXX.XXX.X.XXX:8090/login
the problem here is, after inputting the login credentials to my project, the port 8090 loses, and I am redirected into the
XXX.XXX.X.XXX
IP address only.
Thank you
if you can set APP_URL in env file
APP_URL=http://localhost:8090
Or set url in config/app.php
'url' => env('APP_URL', 'http://localhost:8090'),
then
php artisan config:clear
So I have spring boot app that i want to put behind nginx, problem is i get Connection refused when accessing localhost.
What my nginx config looks like :
server {
listen 80;
server_name workaround;
charset utf-8;
access_log off;
location / {
proxy_pass http://172.19.0.3:8080/workaround;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
}
}
What I have running :
What I get as a response when accesing localhost
404 not found. How come Its looking for some etc/nginx/html/index, when this is in my docker compose file :
nginx:
container_name: workaround-nginx
image: nginx:1.15.12-alpine
restart: always
ports:
- 80:80
- 443:443
volumes:
- ./nginx/conf.d:/etc/nginx/conf.d
- ./data/certbot/conf:/etc/letsencrypt
- ./data/certbot/www:/var/www/certbot
depends_on:
- workaround
What is wrong with my configuration? How do i properly access my SB application?
I have tried to use localhost instead of IP bud that didnt worked.
Since it used nginx ip where app is not running.
I was thinking about rewriting somehow default config of nginx bud how do i even do that from dockerfile , and then why would i have to be forced to do that when volume has mapping already set.
Ok i figured it out, and i even managed to fix it so it works with resources that have hash prefixes:
events {
worker_connections 1024;
}
http {
server {
listen 80;
charset utf-8;
access_log off;
try_files $uri $uri/ =404;
location / { #this still has to be here, otherwise i get ISE
proxy_pass http://workaround:8085/;
}
location ^~ { #this thing fixes hashes and resources
proxy_pass $scheme://workaround:8085/$request_uri;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
expires 30d;
}
}
}
I have an app running on a service, behind a nginx server, using unicorn.
If I access http://server.com I get the app, up and running...But I still can access app on port 8080, like http://server.com:8080 but this time, without assets (which are beign served by nginx)
How do I block direct access to port 8080 on my prod. server?
The server is an Ubuntu 12.04
nginx.conf
upstream unicorn {
server 127.0.0.1:8080;
}
server {
listen 80 default deferred;
# server_name example.com;
root /home/deploy/current/public;
location ^~ /assets/ {
gzip_static on;
expires max;
add_header Cache-Control public;
}
try_files $uri/index.html $uri #unicorn;
location #unicorn {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://unicorn;
}
error_page 500 502 503 504 /500.html;
client_max_body_size 4G;
keepalive_timeout 10;
}
Make unicorn and nginx use a domain socket. For nginx:
upstream unicorn {
server unix:/path/to/socket fail_timeout=0;
}
Then pass '-l /path/to/socket' to unicorn, or alter your unicorn config file:
listen '/path/to/socket'