Using nginx for reverse proxy when path name not equals to '/'
KurumiSerori opened this issue · 4 comments
Hi, I have deployed cloud-torrent at port 10000 on a server using nginx listening to port 443. The service works well when we directly access http://domain:10000, but for some security reason, we are restricting access to :443 at present so a direct access to port 10000 from web will be forbidden. To utilize the service, we are planning to use https://domain/10000 as a reverse proxy url, which should redirect us (or proxy pass?) to http://localhost:10000.
However, we find that with this path name '/10000' and rewrite the path in nginx.conf, the page seems right (I think this means .css/.js/other resources are loaded well) but network will launch some failing requests to https://domain/template/config.html, https://domain/template/omni.html, https://domain/template/torrents.html, https://domain/template/downloads.html, and http://domain/sync, where serves an event-stream, and then the page stuck(these urls returning 404) on 'Connecting' if initial path name is not set to '/'. We also tried to modify location '/sync' or something else, but it still doesn't work.
It seems Server Sent Event(SSE) is not working or the .html resources are not located properly. An #235 fix has been adapted on the source code.
If path name is set as '/', the correct effect can be done following #141 , but it will only work at the root, which conflicts with other services. I'm not sure how should I modify nginx.conf to achieve such an effect when we apply to other path names.
Here is my nginx.conf
server{
listen 443 ssl;
ssl on;
...
server_name domain
location / {
# hosting other services
}
location /10000 { # If we put /10000 to /, the service works well on port 443.
rewrite ^/10000(.*) /$1 break;
proxy_set_header Cache-Control: no-cache;
proxy_set_header Connection '';
proxy_http_version 1.1;
chunked_transfer_encoding off;
proxy_cache off;
proxy_buffering off;
proxy_set_header Connection keep-alive;
proxy_connect_timeout 3600;
proxy_send_timeout 3600;
proxy_read_timeout 3600;
keepalive_timeout 3600;
proxy_pass http://127.0.0.1:10000;
}
}
Any help is appreciated.
My English is a little weak.
At first I try to use TLS by nginx's reverse proxy. I failed and It showed 'conneting' all along.
If you try to use TLS for this porject in port which you want.
Add following options:
--key-path, -k TLS Key file path
--cert-path, -r TLS Certicate file path
Then it will be ok if your domain matches the certificate.
My English is a little weak.
At first I try to use TLS by nginx's reverse proxy. I failed and It showed 'conneting' all along.
If you try to use TLS for this porject in port which you want.
Add following options:--key-path, -k TLS Key file path --cert-path, -r TLS Certicate file pathThen it will be ok if your domain matches the certificate.
Thanks! I'll give it a try ASAP.
`
location /ct/ {
proxy_pass http://127.0.0.1:50511/;
}
location /sync {
proxy_set_header Cache-Control: no-cache;
chunked_transfer_encoding off;
proxy_cache off;
proxy_buffering off;
proxy_set_header Connection keep-alive;
proxy_pass http://127.0.0.1:50511/sync;
}
`
it works
`
location /ct/ { proxy_pass http://127.0.0.1:50511/; } location /sync { proxy_set_header Cache-Control: no-cache; chunked_transfer_encoding off; proxy_cache off; proxy_buffering off; proxy_set_header Connection keep-alive; proxy_pass http://127.0.0.1:50511/sync; }`
it works
Thanks, this config worked.
The slash after '/ct' and the first 'proxy_pass ... 50511' cannot be dropped.