Welcome! Log In Create A New Profile

Advanced

nginx is redirecting to wrong server context

Raman Meenakshisundaram via nginx
November 15, 2023 06:44PM
Hi
I am trying to download a docker image through nginx, and found that it is always redirecting to the first server configured in the nginx.conf file.

I am doing a podman pull "podman pull --tls-verify=false mcr.itt.aws.orpd..com.au/devcontainers/python:dev-3.9-buster" but it is wrongly going to docker-alice.itt.aws.oprd.com.au

We have setup route53 record in AWS already.

Below is the nginx.conf file content:
----------------------------------------------------------------------------------------------------------------------------------------

For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;
#worker_processes auto;
worker_processes 4;
worker_rlimit_nofile 4096;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

events {
worker_connections 4096;
}

http {

proxy_send_timeout 120;
proxy_read_timeout 300;
proxy_connect_timeout 300;
proxy_buffering off;
proxy_request_buffering off;
# allow large uploads of files
client_max_body_size 1G;
keepalive_timeout 5 5;
tcp_nodelay on;

map $upstream_http_docker_distribution_api_version $docker_distribution_api_version {
'' 'registry/2.0';
}

server {
listen 443 ssl;
listen 80;
server_name docker-alice.itt.aws.oprd.com.au;

ssl_certificate /etc/nginx/ssl/selfsigned_wildcard_san_cert.crt;
ssl_certificate_key /etc/nginx/ssl/privatekey_selfsigned_wildcard_san.pem;

# Docker /v2 and /v1 (for search) requests
resolver 10.78.128.2:53 valid=300s ipv6=off;
resolver_timeout 10s;

location /v2 {
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto "https";
set $backend "nexus.itt.aws.oprd.com.au";
proxy_pass https://$backend/repository/proxy-to-nonprod-hosted$request_uri;
#proxy_pass https://nexus.itt.aws.oprd.com.au/repository/proxy-to-nonprod-hosted/$request_uri;
}
location /v1 {
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto "https";
set $backend "nexus.itt.aws.orpd.com.au";
proxy_pass https://$backend/repository/proxy-to-nonprod-hosted$request_uri;
#proxy_pass https://nexus.itt.aws.oprd.com.au/repository/proxy-to-nonprod-hosted/$request_uri;
}
location / {
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto "https";
set $backend "nexus.itt.aws.oprd.com.au";
proxy_pass https://$backend/;
#proxy_pass https://nexus.itt.aws.oprd.com.au/;
}
}
server {
listen 443 ssl;
listen 80;
server_name mcr.itt.aws.oprd.com.au;

ssl_certificate /etc/nginx/ssl/selfsigned_wildcard_san_cert.crt;
ssl_certificate_key /etc/nginx/ssl/privatekey_selfsigned_wildcard_san.pem;

# Docker /v2 and /v1 (for search) requests
resolver 10.78.128.2:53 valid=300s ipv6=off;
resolver_timeout 10s;

location /v2 {
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto "https";
set $backend "nexus.itt.aws.oprd.com.au";
proxy_pass https://$backend/repository/mcr-proxy$request_uri;
}
location /v1 {
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto "https";
set $backend "nexus.itt.aws.orpd.com.au";
proxy_pass https://$backend/repository/mcr-proxy$request_uri;
}
location / {
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto "https";
set $backend "nexus.itt.aws.oprd.com.au";
proxy_pass https://$backend/;
#proxy_pass https://nexus.itt.aws.oprd.com.au/;
}
}
}

*******************************************************************************************
We acknowledge the traditional custodians of the land on which we meet, work
and live. We pay our respects to the ancestors and Elders, past and present..

The information in this email and any attachments may contain confidential, privileged
or copyright material belonging to us, related entities or third parties. If you are not
the intended recipient you are prohibited from disclosing this information. If you
have received this email in error, please contact the sender immediately by return
email or phone and delete it. We apologise for any inconvenience caused. We use
security software but do not guarantee this email is free from viruses. You assume
responsibility for any consequences arising from the use of this email. This email
may contain personal views of the sender not authorised by us.
*******************************************************************************************
_______________________________________________
nginx mailing list
nginx@nginx.org
https://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

nginx is redirecting to wrong server context

Raman Meenakshisundaram via nginx November 15, 2023 06:44PM

Re: nginx is redirecting to wrong server context

Jeremy Cocks via nginx November 15, 2023 08:28PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 139
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready