Issue
This is one step ahead of this article,
Below is the current flow and configuration and it is working. I can access UI from /16 machine. This was done by someone else. I guess by following above article.
Client------------------nginx----------------------nginx
192.168.13.90/16 eth0 - 192.168.13.2/16 eth0 - 192.168.13.9/16
eth0.1 - 182.28.129.202/24
|
|
uWSGI
I am beginner to nginx and python. I am trying to configure nginx as reverse proxy on eth0.1
interface in the following scenario,
Client------------------nginx---------------------nginx
182.28.129.201/24 eth0 - 192.168.13.9/16 eth0 - 192.168.13.2/16
eth0.1 - 182.28.129.202/24
|
|
uWSGI
Below are the current nginx config files with my current trial & error comments,
Edit2 - Comment out the location block for special login.html
page from upstream nginx reverse proxy server
# /etc/nginx/nginx.conf
# 192.168.13.2/16 - this upstream server
user www-data;
worker_processes 4;
pid /run/nginx.pid;
events {
worker_connections 768;
# multi_accept on;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
access_log /var/log/access.log;
error_log /var/log/error.log;
gzip on;
gzip_disable "msie6";
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
Below is the ui.conf file included by above nginx.conf, # /etc/nginx/sites-enabled/ui.conf
# 192.168.13.2/16 - this upstream server
server {
listen 192.168.13.2:80;
server_name 192.168.13.2:80;
access_log /var/log/access.log;
error_log /var/log/error.log;
# No physical login.html,
# it is passing it to root which is login screen
#location = /login.html { <--------- Edit2
# return 301 /;
#}
location / {
include uwsgi_params;
uwsgi_pass unix:/var/run/ui.sock;
}
}
Following is the nginx.conf on eth0.1
on different subnet,
Edit1 - The problem I am facing with this config is the request is proxied to the upstream nginx server but the response is gzip and chunked. I don't see page loading on the client.
Edit2 - I added location block for special page login.html
and it loaded the page but it stuck at the redirect page. See wireshark stream below,
# /etc/nginx/nginx.conf
# eth0 - 192.168.13.9/16
# eth0.1 - 182.28.129.202/24 - Reverse proxy
user www-data;
worker_processes 1;
error_log /var/log/nginx/error.log debug;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
#tcp_nopush on;
keepalive_timeout 0; #Disable
gzip on;
gzip_disable "msie6"; # <----------- Edit2
server {
listen 182.28.129.202:8080;
server_name 182.28.129.202:8080;
#rewrite ^(.*) $scheme://$server_name$1 permanent;
location = /login.html { # <---------- Edit2
proxy_pass http://192.168.13.2:80/;
}
location / {
proxy_pass http://192.168.13.2:80;
# trial and error
#proxy_http_version 1.1;
#proxy_set_header Host $host;
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#proxy_set_header X-Forwarded-Proto http;
#proxy_bind 192.168.13.9;
#proxy_buffering off;
}
}
}
Edit2 - Wireshark stream, stuck at redirect page, /home
POST /login.html HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Referer: http://182.28.129.202:8080/login.html
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
Host: 182.28.129.202:8080
Content-Length: 33
DNT: 1
Connection: Keep-Alive
Cache-Control: no-cache
password=xxxxxxxxxx&login-submit=Server: nginx/1.6.2
Date: Thu, 07 Dec 2017 20:10:50 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 239
Connection: close
Location: http://192.168.13.2/home
Set-Cookie: remember_token=admin|c8aa43aab8b27724a207eb28ac7d1034d1e274fc4f528002a2d6106bb7c36a41756f6951d518f632d426a7d8c8257ad00dbab78e3daf7a5bbbc723ba33107e5e; Expires=Fri, 07-Dec-2018 20:10:50 GMT; Path=/
Set-Cookie: session=.eJw1zksKwzAMRdG9eNyBLUeSnc0E2ZJoBgkln1Hp3msonT4uvPMOix92PsN8Hbc9wrJqmAMgdgOPWhJx06jSM-lEuUKN5CzelFJJJY-pRs5QDLkgRWsdPZZkTZETkRikws1gUufeRL0a9zhlHAlXFEDPYlLHW1RI3sAYwoC87Nhkt_360-7Tjh9PdFv38PkC4lY3Tg.DQsxyg.lZrpSNvXnwE-JHT5t6qlYLAQP4Y; Expires=Sun, 07-Jan-2018 20:10:50 GMT; HttpOnly; Path=/
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<title>Redirecting...</title>
<h1>Redirecting...</h1>
<p>You should be redirected automatically to target URL: <a href="/home">/home</a>. If not click the link.
First I am trying to be able to access UI over HTTP and then with HTTPS. I am not able to move ahead due to my knowledge in this area so greatly appreciate any guidance.
Thank you,
Solution
I was doing a lot of trial and error and thats where was observing weird errors. Following are the config files which worked for me. Hope it will help some-one.
# 192.168.13.2/16 - this upstream server
server {
listen 192.168.13.2:80;
server_name 192.168.13.2:80;
access_log /var/log/access.log;
error_log /var/log/error.log;
# No physical login.html,
# it is passing it to root which is login screen
location = /login.html {
rewrite ^ http://192.168.13.2/ last;
}
location / {
include uwsgi_params;
uwsgi_pass unix:/var/run/ui.sock;
}
}
# /etc/nginx/nginx.conf
# eth0 - 192.168.13.9/16
# eth0.1 - 182.28.129.202/24 - Reverse proxy
user www-data;
worker_processes 1;
error_log /var/log/nginx/error.log debug;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
#tcp_nopush on;
keepalive_timeout 0; #Disable
gzip on;
gzip_disable "msie6";
server {
listen 182.28.129.202:8080;
server_name 182.28.129.202:8080;
location / {
proxy_buffering off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto http;
proxy_pass http://192.168.13.2:80;
}
}
}
Answered By - eyePatch Answer Checked By - Marie Seifert (PHPFixing Admin)
0 Comments:
Post a Comment
Note: Only a member of this blog may post a comment.