CODEWITHSUNDEEP
javascriptnginxproxy
Felipe Lima de Oliveira
Felipe Lima de Oliveira

Reputation: 41

reverse proxy nginx no such file or directory

I'm trying to setup a nginx's reverse proxy with SSL enabled. The Nginx has the SSL certs and keys. The backend server doesn't talk SSL with Nginx (it's on a DMZ-local network setup, so I guess it's ok).

My problem is: When the proxy pass occurs, the error log shows a lot of 'no such file or directory'. It takes me to a 404 error page of the backend application.

This are some of the error lines:

2052#2052: *9 open() "/etc/nginx/html/scripts/msptagutils.js" failed (2: No such file or directory), client: 189.68.143.17, server: www.example.com.br, request: "GET /scripts/msptagutils.js?build=9301 HTTP/1.1", host: www.example.com.br, referrer: https://www.example.com.br/servicedesk/

2052#2052: *9 open() "/etc/nginx/html/style/sdmspstyle.css" failed (2: No such file or directory), client: 189.68.143.17, server: www.example.com.br, request: "GET /style/sdmspstyle.css?build=9301 HTTP/1.1", host: www.example.com.br, referrer: https://www.example.com.br/servicedesk/

2052#2052: *1 open() "/etc/nginx/html/ze/css/gray/ze.min.css" failed (2: No such file or directory), client: 189.68.143.17, server: www.example.com.br, request: "GET /ze/css/gray/ze.min.css HTTP/1.1", host: "www.example.com.br", referrer: "https://www.example.com.br/servicedesk/"

This is the servicedesk.conf file:

server {
    ### server port and name ###
    listen          443;
    ssl             on;
    server_name     www.example.com.br;

    ### SSL log files ###
    access_log      /var/log/nginx/servicedesk-ssl-access.log;
    error_log       /var/log/nginx/servicedesk-ssl-error.log;

    ### SSL cert files ###
    ssl_certificate      /etc/nginx/ssl/www.example.com.br-chained.crt;
    ssl_certificate_key  /etc/nginx/ssl/example.com.br.key;

    ### Add SSL specific settings here ###


    ssl_protocols        SSLv3 TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers RC4:HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers on;
    keepalive_timeout    60;
    ssl_session_cache    shared:SSL:10m;
    ssl_session_timeout  10m;

    ### We want full access to SSL via backend ###
    location /servicedesk {
            proxy_pass  http://servicedesk-site.example.local;

            ### force timeouts if one of backend is died ##
            proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;



            ### Set headers ####
            proxy_set_header        Accept-Encoding   "";
            proxy_set_header        Host            $host;
            proxy_set_header        X-Real-IP       $remote_addr;
            proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;

            ### Most PHP, Python, Rails, Java App can use this header ###
            #proxy_set_header X-Forwarded-Proto https;##
            #This is better##
            proxy_set_header        X-Forwarded-Proto $scheme;
            add_header              Front-End-Https   on;


            ### By default we don't want to redirect it ####
            proxy_redirect     off;
  }

}

Can you guys point me the direction? What i'm doing wrong?

Upvotes: 4

Views: 7190

Answers (1)

sba
sba

Reputation: 2107

Looks like you're only proxying requests for the path /servicedesk.

The log shows accesses to /scripts/msptagutils.js which nginx tries to resolve locally. If nginx does SSL-offloading only, those requests should be passed to the backend too. So just proxy the full path /

server {
    ...
    location / {
        prox_pass ...
    }
}

Upvotes: 1

Related Questions