Answer the question
In order to leave comments, you need to log in
R
R
Rick2017-10-03 22:39:14
Rick, 2017-10-03 22:39:14
Nginx not proxying to remote host?
Hello!
Faced the problem that nginx does not proxy the remote host. Onlyoffice from docker is running on the remote host.
When I open the application by ip / name: port - the remote server works with the office.
The virtual stand is located in the local network.
nginx config:
server {
server_name apps.lab.lan;
rewrite ^ https://apps.lab.lan$request_uri? permanent;
}
server {
listen 80;
listen 443 ssl;
server_name apps.lab.lan;
ssl_certificate /home/ssl/apps-certs/apps.lab.lan.crt;
ssl_certificate_key /home/ssl/apps-certs/apps.lab.lan.key;
ssl_session_cache off;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ALL:!DH:!EXPORT:!RC4:+HIGH:+MEDIUM:!LOW:!aNULL:!eNULL;
gzip on;
gzip_min_length 1000;
gzip_http_version 1.0;
gzip_variable on;
gzip_comp_level 5;
gzip_proxied any;
gzip_types text/plain text/css text/javascript application/json;
client_max_body_size 100m;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass https://192.168.1.27:9443;
proxy_connect_timeout 60s;
proxy_read_timeout 60s;
proxy_send_timeout 60s;
proxy_ssl_verify off;
proxy_request_buffering off;
}
}
In the nginx log, such warnings sometimes slip through.
2017/10/03 17:58:38 [warn] 2522#2522: conflicting server name "apps.lab.lan" on 0.0.0.0:80, ignored
From the Nginx host, the reverse proxy works to another application, but they are on the same host, and it does not work on the remote host. Self-signed certificates.
The config is almost the same, only the headers differ depending on the application.
Any information on this topic will be relevant, troubleshooting and comments.
Thanks in advance!
2 answer(s)
@lubezniy
@Sleuthhound
L
lubezniy, 2017-10-04 @lubezniy
1. Two server sections have the same server_name , and the proxy is configured only in the second one. This is potentially the source of the problem.
2. Try to separate the receiving server into a separate upstream block and add it to the proxy-pass.
M
Mikhail Grigoriev, 2017-10-04 @Sleuthhound
What prevents you from referring to the official documentation with examples of settings, and not to fence the garden?
https://github.com/ONLYOFFICE/document-server-prox...
In my project, HTTPS-to-HTTPS proxying on Nginx is configured like this:
http {
# Websocket
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
...
lingering_time 86400;
proxy_ssl_verify off;
proxy_ssl_session_reuse on;
proxy_ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
proxy_cache off;
proxy_store off;
set $ssl off;
set $port 80;
if ($scheme = https) {
set $ssl on;
set $port 443;
}
location / {
proxy_pass https://192.168.XX.XX:8443/;
gzip off;
proxy_read_timeout 600s;
proxy_connect_timeout 600s;
proxy_redirect off;
proxy_buffering off;
proxy_request_buffering off;
proxy_http_version 1.1;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Ssl $ssl;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $port;
proxy_set_header X-Frame-Options SAMEORIGIN;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Referer "";
}
}
}
Similar questions
L
W
A
K
A
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question