Welcome! Log In Create A New Profile

Advanced

Provide insights on nginx reverse proxy with external auth

Posted by holst 
Forum List Message List New Topic
holst
Provide insights on nginx reverse proxy with external auth
October 14, 2020 08:38AM
I want to use an external authentication service to protect my api backend. For that I want to use nginx. Because this is deployed on Docker the IP number of the upstream backend services can change. Both auth and api-server are services that do not have static IP.

Two issues for this (for which I have found workarounds):

1. I need to use "break;" in the /auth location block. Why?
2. I needed to use a separate variable name for the $proxyurl variable. Why?

Thank you for any insights on this!

[code]
server {
listen 80;
server_name nginx;

location /auth {
internal;
set $proxyurl_auth http://auth:3000;
proxy_pass $proxyurl_auth;
proxy_pass_request_body off;
proxy_set_header Content-Length "";
proxy_set_header X-Original-URI $request_uri;
break;
}

location / {
auth_request /auth;
auth_request_set $auth_status $upstream_status;

proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;

set $proxyurl http://api-server:3000;
proxy_pass $proxyurl;
proxy_read_timeout 90;
}
}
[/code]
Reply Quote
Newer Topic Older Topic
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 200
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready