Searching example config for my setup

Server NGINX
1

I am searching for an example configuration file for nginx for the
follow set-up:

  • firewall with prerouting port 80 and 443 to server-x running nginx

  • server-a running apache on port 80 (a.example.org) (192.168.24.60)

  • server-b running apache on port 80 (b.example.org) (192.168.24.61)

  • server-c running apache on port 80 (c.example.org) (192.168.24.62)

  • all ip-based request should be return a not available error

How can I make a name-based redirection to the different servers? And
should I handle https on nginx or should apache handle it?

I am running Debian 6.0.1. with nginx 0.7.67

Thanks in advance,

Kind regards,

Jelle de Jong

2

On 18-05-11 22:28, Jelle de Jong wrote:

I am searching for an example configuration file for nginx for the
follow set-up:

echo 'server {
server_name a.example.org;
location / {
proxy_pass http://192.168.24.61/;
}
}

server {
server_name b.example.org;
location / {
proxy_pass http://192.168.24.62/;
}
}

server {
server_name c.example.org;
location / {
proxy_pass http://192.168.24.63/;
}
}’ | tee /etc/nginx/conf.d/02example.conf

Looking at several snippet I made the above config, it seems to partaly
do what I want… Is this the correct way (efficient/secure)?

Kind regards,

Jelle de Jong

3

On 18-05-11 23:28, Jelle de Jong wrote:

On 18-05-11 22:28, Jelle de Jong wrote:

I am searching for an example configuration file for nginx for the
follow set-up:
Looking at several snippet I made the above config, it seems to partaly
do what I want… Is this the correct way (efficient/secure)?

server {
listen 80;
server_name a.powercraft.nl;
access_log /var/log/nginx/a.powercraft.nl.access.log;
location / {
proxy_set_header Host $host;
proxy_pass http://192.168.24.63/;
}
}

server {
listen 80;
server_name b.powercraft.nl;
access_log /var/log/nginx/c.powercraft.nl.access.log;
location / {
proxy_set_header Host $host;
proxy_pass http://192.168.24.63/;
}
}

server {
listen 80;
listen 443;
server_name c.powercraft.nl;
access_log /var/log/nginx/c.powercraft.nl.access.log;
location / {
proxy_set_header Host $host;
proxy_pass http://192.168.24.64/;
}
}

I did some more research and found:
http://wiki.nginx.org/HttpProxyModule
http://wiki.nginx.org/VirtualHostExample

I came up with the above set-up that partly fills my need :slight_smile:

Is it possbible to for http://192.168.24.63/ to see the IP-address of
the original browser requesting the http data? Now only the IP of the
nginx system is logged? (I know this is because of the proxy so I am
wondering if this is something that can be fixed?)

Is the configuration correct? Can it be improved? Hints & tips?

Kind regards,

Jelle de Jong

4

Dear Antoine,

Thank you for taking the time to help.

On 19-05-11 14:39, Antoine B. wrote:

Did you try “proxy_set_header X-Real-IP $remote_addr;” ?

I did, but it sill shows the IP-addr of the nginx server…

server {
listen 80;
server_name sandbox01.powercraft.nl;
access_log /var/log/nginx/sandbox01.powercraft.nl.access.log;
location / {
proxy_pass http://192.168.24.63/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
}
}

tail -n 1 /var/log/nginx/sandbox01.powercraft.nl.access.log;

109.32.215.197 - - [19/May/2011:15:42:41 +0200] “GET
/themes/garland/print.css?1 HTTP/1.1” 304 0
http://sandbox01.powercraft.nl/admin/settings” “Mozilla/5.0 (X11; U;
Linux i686; en-US; rv:1.9.2.15) Gecko/20110303 Ubuntu/10.04 (lucid)
Firefox/3.6.15”

tail -n 1 /var/log/apache2/sandbox01.powercraft.nl/access-default.log

192.168.24.62 - - [19/May/2011:15:42:41 +0200] “GET
/themes/garland/print.css?1 HTTP/1.0” 304 173
http://sandbox01.powercraft.nl/admin/settings” “Mozilla/5.0 (X11; U;
Linux i686; en-US; rv:1.9.2.15) Gecko/20110303 Ubuntu/10.04 (lucid)
Firefox/3.6.15”

192.168.24.62 is the IP of the nginx server

Any ideas? Tips?

Kind regards,

Jelle de Jong

5

Hi,

Did you try “proxy_set_header X-Real-IP $remote_addr;” ?

A.


Take a break. Visit nginx-land: http://www.nginx-discovery.com :wink:

On Thu, May 19, 2011 at 2:29 PM, Jelle de Jong

6

Hello,

On Thu, May 19, 2011 at 3:46 PM, Jelle de Jong
[email protected] wrote:

listen 80;
109.32.215.197 - - [19/May/2011:15:42:41 +0200] “GET
Firefox/3.6.15”

192.168.24.62 is the IP of the nginx server

Any ideas? Tips?
Sorry, I was assuming you were doing something else with the IP in the
backend than logging. As far as I know the default logging for Apache
uses variable %a which is always set to the other end of the socket
(sandbox01.powercraft.nl in your example). Maybe you could configure
your Apache logs to use %{X-Real-IP}i instead. There you should see
what you expect in the Apache logs.

Good luck with it,

A.


Take a break. Visit nginx-land: http://www.nginx-discovery.com :wink: