I'm using spring-boot:1.3.3, spring-hateoas:0.19.0 and spring-data-rest-core:2.4.4.
{
"_embedded" : {
"projects" : [ {
"status" : "ACTIVE",
"storageRegion" : "US",
"dataSize" : 96850,
"freemiumUnits" : 1,
"_links" : {
"self" : {
"href" : "http://example.com/x-region-us/api/data/projects/2c9f93b755359a4a015535c19b1f0006"
},
"project" : {
"href" : "http://example.com/x-region-us/api/data/projects/2c9f93b755359a4a015535c19b1f0006"
},
This is example of content served by spring-hateoas. After a while I switched my application to SSL.
Problem comes when using traverson.js to jump(hop) through "_links". Error occures:
traverson.min.js:2 Mixed Content: The page at
'https://example.com/project-new' was loaded over HTTPS, but requested
an insecure XMLHttpRequest endpoint
'http://example.com/x-region-us/api/data/submittalActions'. This
request has been blocked; the content must be served over HTTPS.
Is there a way to force spring to generate HTTPS links over HTTP in "_links" part of json?
If you use Apache Http Server, you need add in the config file this line:
RequestHeader set X-Forwarded-Proto "https"
Add the below headers to NginX
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Prefix $http_x_forwarded_prefix;
proxy_set_header X-Forwarded-Host $http_x_forwarded_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_set_header X-Forwarded-Protocol https;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Url-Scheme https;
proxy_http_version 1.1;
Related
I'm trying to configure the site to work with Nginx and Apache. When I try to reach the site, I get a 403 error.
In the file /etc/httpd/conf/httpd.conf I set the default port 8089 (since 8080 is already busy):
Listen 127.0.0.1:8089
Next, I create a config for Apache (/etc/httpd/conf.d/site.conf):
<VirtualHost 127.0.0.1:8089>
ServerName site.com
ServerAlias www.site.com
DocumentRoot "/usr/share/site/public"
ErrorLog /var/log/httpd/error.log
CustomLog /var/log/httpd/access.log combined
<Directory "/usr/share/site/public">
Require all granted
AllowOverride all
</Directory>
</VirtualHost>
Finally, I create a config for Nginx (/etc/nginx/conf.d/site.conf):
server {
listen 80;
server_name site.com www.site.com;
root /usr/share/site/public;
charset utf-8;
gzip on;
gzip_types
text/css
application/javascript
text/javascript
application/x-javascript
image/svg+xml
text/plain
text/xsd
text/xsl
text/xml
image/x-icon;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php {
proxy_pass http://localhost:8089;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location ~ /\.ht {
deny all;
}
}
What could be the problem?
Good Day!
try this original config by laravel ref link https://laravel.com/docs/7.x/deployment
server {
listen 80;
server_name site.com www.site.com;
root /usr/share/site/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.php;
charset utf-8;
gzip on;
gzip_types
text/css
application/javascript
text/javascript
application/x-javascript
image/svg+xml
text/plain
text/xsd
text/xsl
text/xml
image/x-icon;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
NOTE: fastcgi_pass u need to change php{version}-fpm.sock; based on your version
I have a Strapi instance running at localhost, where I need to prefix the api convention /api/v1 to the URL, but only for api endpoints. I can't find the way.
I already have this in server.js
server.js
host: env('HOST', '0.0.0.0'),
port: env.int('PORT', 1337),
url: env('', 'http://localhost:1337'),
admin: {
auth: {
secret: env('ADMIN_JWT_SECRET', '9c27e32146600c92d6fccb208d1fc873'),
},
},
});
So I need to request the data at endpoints like: http://localhost:1337/api/v1/restaurant/:id
And access to admin like default: http://localhost:1337/admin
Is that possible?
I'm using Strapi#3.1.4
nginx config
http {
upstream strapi {
server 127.0.0.1:1337;
}
server {
listen 8888;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
# location / {
# proxy_connect_timeout 180s;
# proxy_read_timeout 5400s;
# proxy_send_timeout 5400s;
# proxy_pass http://127.0.0.1:1337/;
# }
location / {
root C:/projects/strapi;
}
location /service-catalog/ {
rewrite ^/service-catalog/(.*) /$1 break;
proxy_pass http://strapi;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_pass_request_headers on;
}
location /service-catalog/assets/ {
rewrite /service-catalog/(.*) /$1 break;
proxy_pass http://strapi/assets;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_pass_request_headers on;
}
location /dashboard {
proxy_pass http://strapi/dashboard;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_pass_request_headers on;
}
}
}
server.js
module.exports = ({ env }) => ({
host: env('HOST', '0.0.0.0'),
port: env.int('PORT', 1337),
url: 'http://localhost:8888/service-catalog',
admin: {
url:'http://localhost:8888/dashboard',
auth: {
secret: env('ADMIN_JWT_SECRET', 'f8bbc8130154293e157e1e01ab09d62d'),
},
},
});
delete build .cache folder
then run npm run build
then run npm run develop
I don't believe this is possible without using a proxy.
In your server.js you would specify url: 'https://api.example.com/v1', but this would also need to be set up in your proxy as this only makes Strapi aware of the proxy.
More details here:
https://strapi.io/documentation/v3.x/deployment/nginx-proxy.html#nginx-proxying
You can change your endpoint from api config. route.json
For your case you can try this.
go to ../app/api/restaurant/config/route.json
{
"method": "GET",
"path": "/api/v1/restaurants/:id", # update your route here
"handler": "restaurant.findOne", #action handler
"config": {
"policies": []
}
},...
now you can try http://localhost:1337/api/v1/restaurant/:id
You have to do the same for each route.
For more -
https://strapi.io/documentation/v3.x/content-api/api-endpoints.html#endpoints
I want to deploy my laravel application in my server with nginx as reverse proxy with apache, i have a problem with URLs and page links that start with index.php. I tried the url without index.php and it works, but all links in page are with index.php. This is my configuration :
Nginx :
server {
listen 80;
server_name dev.exemple.com;
root /var/www/laravel-app/public/;
index index.php index.htm index.html;
location / {
try_files $uri $uri/ /index.php$uri;
}
location ~ \.php {
proxy_pass http://MY-SERVER-IP-ADDRESS:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location ~ /\. {
deny all;
}
location ~* \.(jpg|jpeg|gif|css|png|js|ico|html)$ {
access_log off;
expires max;
log_not_found off;
}
}
Apache
<VirtualHost *:8080>
ServerName dev.exemple.com
DocumentRoot /var/www/laravel-app/public/
<Directory /var/www/laravel-app/>
AllowOverride All
</Directory>
</VirtualHost>
Hello check this solution from https://laravel.io/forum/10-25-2014-configuration-for-running-laravel-with-nginx-and-apache
server {
listen 80;
access_log /var/www/site.com/logs/nginx.access.log;
error_log /var/www/site.com/logs/nginx.error.log;
root /var/www/site.com/public_html/public;
index index.php index.html;
server_name site.com;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:8080;
}
location ~* ^.*\.php$ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:8080;
}
location ~ /\.(ht|git) {
deny all;
}
}
I have a problem with connecting to the socket server.
WebSocket connection to <URL> failed: Error during WebSocket handshake: Unexpected response code: 521
I have two different cloud server (1) for a client project and (2) for a socket server.
(1) Client Project:
var token = "{{ csrf_token() }}";
window.Echo = new Echo({
broadcaster: 'socket.io',
host: "{{env('SOCKET_SERVER_HOST')}}",
origin: '*',
transports: ['websocket', 'polling', 'flashsocket', 'ws', 'wss'],
auth: {
headers: {
'X-CSRF-TOKEN' : token,
}
},
csrfToken:token,
port:"6001",
});
(2) Socket Server
1. nginx
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name mydomain.com;
error_log /var/log/nginx/proxy-error.log error;
ssl on;
ssl_certificate /etc/nginx/certs/mydomain.com.pem;
ssl_certificate_key /etc/nginx/certs/mydomain.com.key;
ssl_session_timeout 3m;
ssl_session_cache shared:SSL:50m;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ecdh_curve secp384r1;
location /socket.io {
proxy_pass http://mydomaincom:6001;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-VerifiedViaNginx yes;
proxy_read_timeout 60;
proxy_connect_timeout 60;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_cache_bypass $http_upgrade;
}
}
laravel-echo-server.json
The below is laravel-echo-server configuration.
{
"authHost": "https://mydomaincom",
"authEndpoint": "/broadcasting/auth",
"clients": [
{
"appId": "xxxxxxxxxx",
"key": "yyyyyyyyyyyyyyyyyyyyyyyy"
}
],
"database": "redis",
"databaseConfig": {
"redis": {},
"sqlite": {
"databasePath": "/database/laravel-echo-server.sqlite"
}
},
"devMode": true,
"host": null,
"port": "6001",
"protocol": "https",
"socketio": {},
"secureOptions": 67108864,
"sslCertPath": "/etc/nginx/certs/mydomain.com.pem",
"sslKeyPath": "/etc/nginx/certs/mydomain.com.key",
"sslCertChainPath": "",
"sslPassphrase": "",
"subscribers": {
"http": true,
"redis": true
},
"apiOriginAllow": {
"allowCors": true,
"allowOrigin": "*",
"allowMethods": "GET, POST",
"allowHeaders": "Origin, Content-Type, X-Auth-Token, X-Requested-With, Accept, Authorization, X-CSRF-TOKEN, X-Socket-Id"
}
}
Supervisor
Here is the supervisor configuration.
[program:echo-worker]
directory=/home/user/apps/epanel
process_name=%(program_name)s_%(process_num)02d
command=laravel-echo-server start --config="ehealth-echo-server.json"
autostart=true
autorestart=true
user=user
numprocs=1
redirect_stderr=true
stdout_logfile=/home/user/apps/epanel/echo.log
2. Laravel Echo Server
Note: I use redis and laravel-echo-server and it's work very fine.
Does anyone have a solution?
This document is for those who use laravel echo server & nginx & socket.io & redis-server with separated server between client project and redis-server.
1) Edit /etc/redis/redis.conf
bind 127.0.0.1
supervised no
To
bind 0.0.0.0
supervised systemd
2) Update /etc/systemd/system/redis.service under [Service]
Type=notify
ExecStart=/usr/bin/redis-server /etc/redis/redis.conf --supervised systemd
3) Nginx /etc/nginx/sites-enabled/reverse-proxy.conf
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name mysitecom;
error_log /var/log/nginx/proxy-error.log error;
# Start the SSL configurations
ssl on;
ssl_certificate /etc/nginx/certs/mysitecom.pem;
ssl_certificate_key /etc/nginx/certs/mysitecom.key;
ssl_session_timeout 3m;
ssl_session_cache shared:SSL:50m;
ssl_protocols TLSv1.1 TLSv1.2;
# Diffie-Hellman performance improvements
ssl_ecdh_curve secp384r1;
location /socket.io {
proxy_pass http://mysitecom:2096;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_buffers 16 4k;
proxy_buffer_size 2k;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-VerifiedViaNginx yes;
proxy_read_timeout 2h;
proxy_connect_timeout 2h;
proxy_redirect off;
}
}
4) laravel-echo-server.json
{
"authHost": "https://mysitecom",
"authEndpoint": "/broadcasting/auth",
"clients": [
{
"appId": "e45c056ec8ca8bd7",
"key": "88d316b5cccafbc5e905aa9ee13e63f7"
}
],
"database": "redis",
"databaseConfig": {
"redis": {
"host": "0.0.0.0",
"port": "6379"
},
"sqlite": {
"databasePath": "/database/laravel-echo-server.sqlite"
}
},
"devMode": true,
"host": null,
"port": "2096",
"protocol": "https",
"socketio": {},
"secureOptions": 67108864,
"sslCertPath": "/etc/nginx/certs/mysitecom.pem",
"sslKeyPath": "/etc/nginx/certs/mysitecom.key",
"sslCertChainPath": "",
"sslPassphrase": "",
"subscribers": {
"http": true,
"redis": true
},
"apiOriginAllow": {
"allowCors": true,
"allowOrigin": "*",
"allowMethods": "GET, POST",
"allowHeaders": "Origin, Content-Type, X-Auth-Token, X-Requested-With, Accept, Authorization, X-CSRF-TOKEN, X-Socket-Id"
}
}
Note: for someone who connects DNS with cloudflare please change default socket.io port 6001 to the following here.
i've an nginx container, on port 9200, that acts as load balancer. This is config file:
proxy_ignore_headers Set-Cookie;
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Headers' 'Range';
upstream backend {
server 192.168.99.103:9500 weight=3;
server 192.168.99.104:9500;
server 192.168.99.105:9500;
}
server {
listen 80;
server_name 172.17.0.1;
location = /LynyrdSkynyrdFreebirdAudio.mp4 {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Headers' 'Range';
if ($request_method = OPTIONS ) {
add_header Access-Control-Allow-Methods "GET, OPTIONS";
add_header Content-Length 0;
add_header Content-Type text/plain;
return 200;
}
proxy_pass http://backend/;
add_header X-Upstream $upstream_addr;
}
location = /LynyrdSkynyrdFreebirdVideo.mp4 {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Headers' 'Range';
if ($request_method = OPTIONS ) {
add_header Access-Control-Allow-Methods "GET, OPTIONS";
add_header Content-Length 0;
add_header Content-Type text/plain;
return 200;
}
proxy_pass http://backend;
add_header X-Upstream $upstream_addr;
}
}
This container load balance requests in the following way: when arrives a request localhost:9200/LynyrdSkynyrdFreebirdVideo.mp4 or localhost:9200/LynyrdSkynyrdFreebirdAudio.mp4, it balances requests across 3 servers.
These 3 servers are 3 nginx containers that acts as cache.
This is config file of nginx caches:
proxy_cache_path /tmp/nginx levels=1:2 keys_zone=my_zone:10m inactive=60m;
proxy_cache_key "$scheme$request_method$host$request_uri";
proxy_cache_methods GET HEAD POST;
proxy_cache_valid 200 206 100m;
proxy_ignore_headers Set-Cookie;
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Headers' 'Range';
server {
listen 80;
server_name 172.17.0.1;
#charset koi8-r;
#access_log /var/log/nginx/log/host.access.log main;
location / {
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
location /demo/ {
proxy_cache my_zone;
add_header X-Proxy-Cache $upstream_cache_status;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://172.17.0.1:8700/shaka-player-master/demo/index1.html ;
}
location /media {
proxy_cache my_zone;
add_header X-Proxy-Cache $upstream_cache_status;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://172.17.0.1:8700/shaka-player-master/media/example-av.mpd ;
}
location = /example-av1.mpd {
add_header 'Access-Control-Allow-Origin' '*';
proxy_cache my_zone;
add_header X-Proxy-Cache $upstream_cache_status;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://192.168.99.103:9600/shaka-player/media/example-av1.mpd;
}
location = /LynyrdSkynyrdFreebirdVideo.mp4 {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Headers' 'Range';
proxy_cache my_zone;
add_header X-Proxy-Cache $upstream_cache_status;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://192.168.99.103:9600/shaka-player/media/LynyrdSkynyrdFreebirdVideo.mp4 ;
}
location = /LynyrdSkynyrdFreebirdAudio.mp4 {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Headers' 'Range';
proxy_cache my_zone;
add_header X-Proxy-Cache $upstream_cache_status;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://192.168.99.103:9600/shaka-player/media/LynyrdSkynyrdFreebirdAudio.mp4;
}
}
If i point to load balancer, i.e. localhost:9200/LynyrdSkynyrdFreebirdVideo.mp4 or localhost:9200/LynyrdSkynyrdFreebirdAudio.mp4, there is 404 not found. I expect that, if i point to this URL, load balancer balances request to 192.168.99.103(or 104, or 105):9500/LynyrdSkynyrdFreebirdVideo.mp4 or 192.168.99.103(or 104, or 105):9500/LynyrdSkynyrdFreebirdAudio.mp4.
But in the upstream block i don't know if in server directive i can add a path.
In fact, this is, i think, the very problem: in fact, if i point to 192.168.99.103(or104, or105):9500/LynyrdSkynyrdFreebirdAudio(or Video).mp4, i get the content correctly.
Can anyone helps me?
Solved:
i have added path to http://backend, like:
proxy_pass http://backend/LynyrdSkynyrdFreebirdVideo.mp4;