Author Topic: Nginx Reverse Proxy  (Read 16049 times)

vshaulsk

  • Zen Samurai
  • ****
  • Posts: 477
  • Karma: +9/-1
    • View Profile
Re: Nginx Reverse Proxy
« Reply #30 on: October 04, 2011, 02:10:14 am »
username(xxx)  3108  3071  0 20:08 pts/0    00:00:00 grep --color=auto nginx


half_life

  • Bug Hunter
  • Zen Hero
  • *****
  • Posts: 867
  • Karma: +59/-0
    • View Profile
Re: Nginx Reverse Proxy
« Reply #31 on: October 04, 2011, 02:17:52 am »
sudo /etc/init.d/nginx start.  Then repeat the first command.  You should get one line for your grep command and one line for the server.   ps (list running processes) -ef (e= all processes f=full listing) | (pipe the output) grep (search) nginx (we are looking for a running nginx process).  You get one line that lists the command you just typed in and one for the server.   To make the start command permanent "insserv nginx" (adds the neccessary symlinks to call nginx during the init process).

half_life

  • Bug Hunter
  • Zen Hero
  • *****
  • Posts: 867
  • Karma: +59/-0
    • View Profile
Re: Nginx Reverse Proxy
« Reply #32 on: October 04, 2011, 02:19:37 am »
I could shoot myself,  three days of increasingly complicated troubleshooting when I should have asked the "is it plugged in" questions first.  Sorry for running you around in circles.

vshaulsk

  • Zen Samurai
  • ****
  • Posts: 477
  • Karma: +9/-1
    • View Profile
Re: Nginx Reverse Proxy
« Reply #33 on: October 04, 2011, 02:34:30 pm »
I am sorry for wasting half_life and christians time with this.  I kept thinking that nginx was on, but I did not take into account that I restarted the server since the time I installed the program.  I thought it would start on its own..... boy do I feel stupid now.

Well.... now I got nginx to take me to the standard it works page inside my server when I point it to port 82.
I tried to get it to point to a vhost.... wpad.wifi.lan..... but so far no success... just keeps pointing to the regular IT works page.

I am assuming it has to do with the rewrite rule.....  I tried following your example half_life... perhaps I missed something or did not write the script correctly.  I will try later today.

christian

  • Guest
Re: Nginx Reverse Proxy
« Reply #34 on: October 04, 2011, 03:24:47 pm »
Rewriting can look strange and tricky at the beginning until you understand how it works.

Could you please post URL you type and URL you aim to reach along with your Nginx config (well, only the include section)  ;)

vshaulsk

  • Zen Samurai
  • ****
  • Posts: 477
  • Karma: +9/-1
    • View Profile
Re: Nginx Reverse Proxy
« Reply #35 on: October 04, 2011, 03:58:53 pm »
the standard /etc/nginx/nginx.conf is default... did not touch it.

I created a new file /etc/nginx/sites-available/AAA

server {
     server_name  aaa.dyndns.org;
     access_log  /var/log/nginx/access_aaa.long;

     location /wpad/ {
           rewrite  /wpad/(.*) /$1 break;
           proxy_pass http://wpad.home.lan;
           proxy_redirect off;
           proxy_set_header Host $host;
           proxy_set_header X-Real-IP $remote_addr;
           proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
           }
}


if I type in the browser aaa.dyndns.org:82/wpad  it takes me to the "It Works" page.... not the wpad.home.lan

christian

  • Guest
Re: Nginx Reverse Proxy
« Reply #36 on: October 04, 2011, 04:26:14 pm »
Ha ha ha.... you like to make it complex isn't it  ;D stacking both WPAD stuff with reverse proxy while none is fully working yet  ::)
WPAD is a bit tricky because you do not control what browser is going to search as web server providing wpad.dat file. e.g. Depending on what you have set, assuming you use DNS method, then browser will try different URL based on host FQDN.

and something like htt:/whatever/wpad/ will never be searched... is will rather be http://wpad.whatever/wpad.dat

Thus I'm a bit confused with your example  :-[
Then if you have index.html file at wpad.home.lan, this is different  :)  (I've one for testing purpose...)

This said, if your goal is to reach http://wpad.home.lan when you type http://aaa.dyndns.org/wpad/ then you don't need any rewrite here but redirect to http://wpad.home.lan/
Removing your "rewrite" directive should work so far... let me think twice about this...

vshaulsk

  • Zen Samurai
  • ****
  • Posts: 477
  • Karma: +9/-1
    • View Profile
Re: Nginx Reverse Proxy
« Reply #37 on: October 04, 2011, 04:36:26 pm »
my main reason for trying this is just to see if I the reverse proxy would get me to something other than the standard "IT Works" page.  The wpad.home.lan does have the wpad.dat file located in the srv/www/wpad.home.lan.   All I wanted to do is see if I can reach it by going through the reverse proxy.

My real implamentation of this will be different.  I have a vhost which is called "webmail" which allows me to access zarafa if you type in http://webmail/webaccess in one of the clients machines.  I want to be able to access zarafa from the external port, but for that I need to reach reach it.  I was hoping to use reverse proxy to get me to http://webmail/webaccess.   Is this possible with reverse proxy??  Can I setup something like zarafa to work this way??

vshaulsk

  • Zen Samurai
  • ****
  • Posts: 477
  • Karma: +9/-1
    • View Profile
Re: Nginx Reverse Proxy
« Reply #38 on: October 04, 2011, 04:42:40 pm »
Plus if I can get reverse proxy working to reach http://webmail/webaccess (IP 192.168.0.1) than I will create a full external webpage... under vhost http://aaa...family.com. and I will also install alfresco and have that reached through reverse proxy.   Hope I am making sense on my final implementation.

I do like to make it complex because I want to learn and figure out how major corporations set things up.  A lot of what I have setup so far is to try an mimic the company I work for... well the engineering building itself. The company is international so there is no way for me to have the same network setup.

vshaulsk

  • Zen Samurai
  • ****
  • Posts: 477
  • Karma: +9/-1
    • View Profile
Re: Nginx Reverse Proxy
« Reply #39 on: October 04, 2011, 04:46:30 pm »
My webmail/webaccess if forced SSL which I know requires a different setup. this is why I did not ask about it right away.  I wanted to connect to something more simple first.

christian

  • Guest
Re: Nginx Reverse Proxy
« Reply #40 on: October 04, 2011, 05:46:22 pm »
I share.
For this you can just host flat file on whatever server that is not Zentyal.

I'll try to install again Nginx on my Samba server and make such conf for you.

vshaulsk

  • Zen Samurai
  • ****
  • Posts: 477
  • Karma: +9/-1
    • View Profile
Re: Nginx Reverse Proxy
« Reply #41 on: October 04, 2011, 05:52:16 pm »
I just rewrote the location portion to this in order to test it .

server {
    Listen 82;
     server_name  aaa.dyndns.org;
     access_log  /var/log/nginx/access_aaa.long;

     location / {
           proxy_pass http://wpad.home.lan;
           proxy_redirect off;
           proxy_set_header Host $host;
           proxy_set_header X-Real-IP $remote_addr;
           proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
           }
}

from my understanding this should work like this.
I type address aaa.dyndns.org:82 in a browser and I would see output from wpad.home.lan

I do not have an html file on wpad.home.lan..... all I have is the wpad.dat file.  However when I try this senario I still get connected to just "It Works" and not my vhost wpad.home.lan

christian

  • Guest
Re: Nginx Reverse Proxy
« Reply #42 on: October 04, 2011, 05:56:53 pm »
 ;D ;D

I was writing that listening on port 82 was missing.. when you added it  ;)

christian

  • Guest
Re: Nginx Reverse Proxy
« Reply #43 on: October 04, 2011, 07:14:06 pm »
So I made a quick test:

my Zentyal server (say server A) is running webmail at http://myserver.internal/webmail
I have another server, say server B, on which I did this:
- apt-get install nginx
- vi /etc/nginx/conf.d/proxy.conf to add proxy content
Code: [Select]
  proxy_redirect off;
  proxy_set_header Host $host;
  proxy_set_header X-Real-IP $remote_addr;
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- change /etc/sites-availables/default to:
   > listen on port 82
   > set server name test.internal
   > change default location to:
Code: [Select]
location / {proxypass http://myserver.internal/;}
- /etc/init.d/nginx restart

and now when I type http://test.internal:82, I'm accessing webmail at http://test.internal/webmail exposing content of http://myserver.internal/webmail

I took me 6 minutes including some DNS adjustment because of new fake name.

Does it help?

vshaulsk

  • Zen Samurai
  • ****
  • Posts: 477
  • Karma: +9/-1
    • View Profile
Re: Nginx Reverse Proxy
« Reply #44 on: October 04, 2011, 08:41:33 pm »
Yes this helps a lot thank you !!!!

I believe I got my basic setup working to my test site.  The only difference is that I currently have everything running on one server...   maybe tonight I will start a virtual one.

Now lets see if I can get to my webaccess.  The difference here is that my vhost webmail has forced SSL..... I know that nginx in the /etc/nginx/sites-available/default has https setup.  You have to uncomment it and fill it out.

1) I am assuming that you follow the same basic steps except now you have to add the ssl certificate and the ssl key.
Now would the location of the certificate and key be located in /etc/apache2/ssl ???