Welcome! Log In Create A New Profile

Advanced

Reverse proxy with SSL

Posted by albinon1nja 
Reverse proxy with SSL
December 06, 2017 09:56AM
We currently have two application servers on a Linux box in AWS. One is on port 8080 and one is on port 7080. I wanted to know if we could possibly setup a configuration this way:

prefix1.domain.com > applicationserver:8080
prefix2.domain.com > applicationserver:7080

Also, we would specify a UCC SSL cert with both URLs as SANs.

Basically, I want to have nginx route to each application based on which prefix is defined in the request and to also host the SSL communications with a single UCC cert.

One idea I had was setting up two WAN IP's on the server, then setting up a DNS A record to route to either WAN IP based on the prefix. Then, hopefully nginx can listen on either adapter and route.

Does anyone know if this configuration can be setup in nginx, or if there is an easier way to do what I want it to?
Re: Reverse proxy with SSL
December 06, 2017 10:37AM
https://serverfault.com/questions/832456/nginx-redirect-based-on-domain-name

---
nginx for Windows http://nginx-win.ecsds.eu/
Re: Reverse proxy with SSL
December 06, 2017 10:50AM
Thanks for the quick response! So if I'm reading this right, I just have to create a new vhost and don't even need to use two separate IP's or route DNS differently? Does it do this by reading the requested URL and then serving up whichever instance I have specified? Just interested in how this works. Thanks again!
Re: Reverse proxy with SSL
December 06, 2017 12:21PM
So I just got a rough draft going with this:

map_hash_max_size 262144;
map_hash_bucket_size 262144;
map $http_host $new {
'prefix1.domain.com' '1';
'prefix2.domain.com' '2';
}

server {
listen 80;
if ($new = '1') {
rewrite ^(.*) http://prefix1.domain.com:8080 redirect;
}
if ($new = '2') {
rewrite ^(.*) http://prefix2.domain.com:7080 redirect;
}
}

I'm having issues logging into those servers, since it appears to just load the login page for both over and over again. Any ideas?
Re: Reverse proxy with SSL
December 06, 2017 01:30PM
You need proxy_pass not a rewrite.

---
nginx for Windows http://nginx-win.ecsds.eu/
Re: Reverse proxy with SSL
December 06, 2017 01:41PM
Yep, if anyone is wondering, this is the proxy_pass that I put in and it works perfectly! Thanks for the help, @itpp2012

server_names_hash_bucket_size 128;

server {
listen 80 default_server;
server_name prefix1.domain.com;
set $upstream2 127.0.0.1:8080;

location / {

proxy_pass_header Authorization;
proxy_pass http://$upstream2;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_buffering off;
client_max_body_size 0;
proxy_read_timeout 36000s;
proxy_redirect off;

}
}

server {
listen 80;
server_name prefix2.domain.com;
set $upstream1 127.0.0.1:7080;

location / {

proxy_pass_header Authorization;
proxy_pass http://$upstream1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_buffering off;
client_max_body_size 0;
proxy_read_timeout 36000s;
proxy_redirect off;

}
}
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 65
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready