CODEWITHSUNDEEP
nginxubuntu-12.04
Rob Ferguson
Rob Ferguson

Reputation: 51

Nginx as reverse proxy for Ajenti

I have setup a server block for Ajenti as per -> http://support.ajenti.org/topic/349870-ajenti-behind-nginx/

location /ajenti {
    rewrite (/ajenti)$ / break;
    rewrite /ajenti/(.*) /$1 break;

    proxy_pass              http://127.0.0.1:8000;
    proxy_redirect /        /ajenti/;
    proxy_set_header        Host             $host;
    proxy_set_header        X-Forwarded-For  $proxy_add_x_forwarded_for;
    proxy_http_version      1.1;
    proxy_set_header        Upgrade $http_upgrade;
    proxy_set_header        Connection $http_connection;
}

Which gets me to the login, but after I login Ajenti redirects to "/ajenti:auth" and not "/ajenti/ajenti:auth".

E.g.: Browser -> HTTPS -> Nginx -> HTTP -> Ajenti

It also seems to be an issue for "ajenti:static" resources too.

See: http://support.ajenti.org/topic/88086-support-ajenti-behind-a-reverse-proxy/

What is the recommended way to handle this in Nginx?

Upvotes: 4

Views: 2639

Answers (2)

theJustinWalsh
theJustinWalsh

Reputation: 76

EDIT: Adding proxy_set_header Origin http://$host; fixes it for me.

After upgrading to the latest version of ajenti I also have this problem as well. Error 403 Invalid Origin. This is my setup.

server {
    listen 443 ssl;
    server_name ajenti.mymagicalwebsite.com;
    ssl on;

    if ($scheme = http) {
        return 301 https://$server_name$request_uri;
    }

    location / {
        proxy_pass  http://localhost:8000;
        proxy_redirect off;
        proxy_set_header        Host                $host;
        proxy_set_header        X-Real-IP           $remote_addr;
        proxy_set_header        X-Forwarded-For     $proxy_add_x_forwarded_for;

        proxy_http_version 1.1;
        proxy_set_header        Upgrade         $http_upgrade;
        proxy_set_header        Connection      "upgrade";
        proxy_read_timeout      36000s;  ## Timeout after 10 hours
    }
}

Funny that it all worked a version ago with this exact same setup.

Upvotes: 4

Eugene
Eugene

Reputation: 963

Here's how I would do it:

Use location ~ /ajenti.* instead to match Ajenti's resources URLs.

Edit: tested that and it works.

Upvotes: 0

Related Questions