I have a Ethernet Over USB device that i connect to PC01.example.com that must reach serverA.example.com with an https get call. Unfortunatly i cannot set a gateway on the device to make serverA reachable so i installed the stable version of nginx on PC01 and configured the server like this:
events {}
http {
include mime.types;
default_type application/octet-stream;
server {
listen 80;
server_name myserver_80;
return 301 https://$host$request_uri; # Redirect HTTP a HTTPS
location / {
root C:/nginx-1.26.1/html;
index index.html index.htm;
}
}
server {
listen 443 ssl;
server_name myserver_443;
ssl_certificate C:/nginx-1.26.1/ssl/certificate.crt;
ssl_certificate_key C:/nginx-1.26.1/ssl/private.key;
location /myapp{
proxy_pass https://backend_upstream;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass_header Authorization;
# Timeout settings
proxy_connect_timeout 60s;
proxy_send_timeout 60s;
proxy_read_timeout 60s;
}
}
upstream backend_upstream {
server serverA.example.com;
}
}
Now, the address serverA.example.com really is a load balancer with ip '203.0.113.2' and that's the problem:
when i call https://serverA.example.com/myapp nginx translates the address to https://203.0.113.2/myapp and of course the call fails with a 502 Bad Gateway error because there is no web service on the load balancer at 203.0.113.2.
Is there a way to force nginx to use the fqdn for the upstream? Or, there is any other configuration i can change to make it work?
Some notes:
- nginx certificates are self signed
- the real ip of serverA.example.com is on another subnet and it's not reachable from PC01 without using the load balancer.
- if i call
curl -k https://serverA.example.com/myapp/health
from PC01 it works fine - if i call
curl -k https://203.0.113.2/myapp/health
from PC01 it doesn't work - if i call
curl -k https://localhost/myapp/health
from PC01 it doesn't work (of course)
I thought about adding a resolver to the configuration, but i am not sure what should i set it to.
i have tried various configurations, for example changing
proxy_set_header Host $host;
to
proxy_set_header Host serverA.example.com;
but nothing changed
have a USB device that i connect to PC01.example.com that must reach serverA.example.com
makes no sense. If you USB device needs to reach serverA.example.com, why the setup with nginx?nginx translates the address to https://203.0.113.2/myapp
(not sure if undestan that part correctly) why is this a problem? If you Loadbalancer's ip is "203.0.113.2" and nginx forward requests to that IP, where is the problem?