nginx proxypass TCP 389

Question

We have one "OpenLDAP" server with port 389 currently active,using nginx we want to proxypass this TCP port 389 to TCP based ingress. can any one please share the nginx.conf detail for this.

So far, left with incomplete as per below,

upstream rtmp_servers {
server  acme.example.com:389;
   }

server {
listen     389;
server_name localhost:389;
proxy_pass rtmp_servers;
proxy_protocol on;
}

Getting an error, any recommendation is appreciated

2021/03/02 09:45:39 [emerg] 1#1: "proxy_pass" directive is not allowed here in /etc/nginx/conf.d/nginx-auth-tunnel.conf:9 nginx: [emerg] "proxy_pass" directive is not allowed here in /etc/nginx/conf.d/nginx-auth-tunnel.conf:9

Answer 1

1. Your configuration should be in a stream block
2. You don't need server_name localhost:389;
3. You are including the configuration from /etc/nginx/conf.d folder which is included inside http block in main nginx.conf file. The stream block should be at the same level as http block. Check the /etc/nginx/nginx.conf for the include and maybe you have to add one for the stream section

This is a sample nginx.conf,

user  nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf; #This include is your problem
}

stream {
    upstream rtmp_servers {
       server  acme.example.com:389;
    }

   server {
      listen     389;
      proxy_pass rtmp_servers;
      proxy_protocol on;
   }
}