Reputation:
NGINX proxy_pass rewrite for location block not rewriting backend redirects
I am trying to make a NGINX config for allowing clients to browse to specific URLs on the proxy (e.g. https://ip/server1, https://ip/server2) and have it redirect through to the corresponding backend server properly.
My main problem is the location block on the reverse proxy for each backend server is not identical to the base URL of those backend servers. And the important part here: I cannot change the base URL of the backend servers.
I am running nginx/1.18.0 on Debian 11.
So the configuration I have so far looks like this:
server {
listen 443 ssl http2;
server_name 192.168.1.4;
#
ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt;
ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key;
#
ssl_protocols TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_128_CCM_8_SHA256:TLS_AES_128_CCM_SHA256:ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AE>
ssl_ecdh_curve secp384r1;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
#
location / {
index index.html;
root /var/www/;
}
#
location /service1 {
rewrite /service1/(.*) /$1 break;
proxy_redirect off;
proxy_ssl_protocols TLSv1.3;
proxy_pass https://192.168.3.2/;
proxy_set_header Host "192.168.3.2";
proxy_set_header X-Real-IP $remote_addr;
}
location /service2 {
rewrite /service2/(.*) /$1 break;
proxy_redirect off;
proxy_ssl_protocols TLSv1.3;
proxy_pass https://192.168.3.2:8443/;
proxy_set_header Host "192.168.3.2";
proxy_set_header X-Real-IP $remote_addr;
}
}
The location / block is just a simple html page serving the shortcuts to each service.
As far as I understand, the rewrite in each location block will change any request from the client with the base url containing /service1 to / plus whatever they were requesting additionally.
When browsing to https://192.168.1.4/service1 I get the login page for that site but without any css.
After logging in though, I get redirected (from the backend server) to https://192.168.1.4/index.php. Which is counter to what I thought the rewrite line in the location block would do.
Did I do the rewrite line wrong? Wasn't it supposed to replace the https://192.168.1.4/index.php with https://192.168.1.4/service1/index.php?
I also suppose that none of the css loading is a symptom of the rewrite line not functioning the way I thought it would.
Can anyone help me with this? Is it possible to proxy_pass with NGINX while having differing URLs between the client and backend servers?
Upvotes: 1
Views: 2057
Answers (1)
Reputation:
As @Bman70 mentioned, the solution was to add a trailing slash to location block itself for each service.
I assume because the rewrite line is looking for /service1/ and not /service1, which is why it failed to rewrite the URL the first time.
So the modified location block looks like this:
location /service1/ {
rewrite /service1/(.*) /$1 break;
proxy_redirect off;
proxy_ssl_protocols TLSv1.3;
proxy_pass https://192.168.3.2/;
proxy_set_header Host "192.168.3.2";
proxy_set_header X-Real-IP $remote_addr;
}
I also added the default_type to the main location block just in case.
location / {
default_type "text/html";
root /var/www/;
index index.html;
}
Upvotes: 1
Related Questions
- nginx redirection not working inside location directive
- Nginx rewrite to proxy_pass server/path
- NGINX Rewrite ignored / not working with proxy_pass
- nginx proxy_pass omitting path
- proxy_pass overwrites the URL changed by rewrite directive
- proxy_pass return redirect in nginx
- Nginx redirect proxy_pass
- Nginx Reverse Proxy Redirect Issues
- NGINX unexpected behaviour with location directive and proxy_pass
- nginx location directive not working as expected