Welcome! Log In Create A New Profile

Advanced

Provide insights on nginx reverse proxy with external auth

Posted by holst 
Provide insights on nginx reverse proxy with external auth
October 14, 2020 08:38AM
I want to use an external authentication service to protect my api backend. For that I want to use nginx. Because this is deployed on Docker the IP number of the upstream backend services can change. Both auth and api-server are services that do not have static IP.

Two issues for this (for which I have found workarounds):

1. I need to use "break;" in the /auth location block. Why?
2. I needed to use a separate variable name for the $proxyurl variable. Why?

Thank you for any insights on this!

[code]
server {
listen 80;
server_name nginx;

location /auth {
internal;
set $proxyurl_auth http://auth:3000;
proxy_pass $proxyurl_auth;
proxy_pass_request_body off;
proxy_set_header Content-Length "";
proxy_set_header X-Original-URI $request_uri;
break;
}

location / {
auth_request /auth;
auth_request_set $auth_status $upstream_status;

proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;

set $proxyurl http://api-server:3000;
proxy_pass $proxyurl;
proxy_read_timeout 90;
}
}
[/code]
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 77
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready