0

I have a Ethernet Over USB device that i connect to PC01.example.com that must reach serverA.example.com with an https get call. Unfortunatly i cannot set a gateway on the device to make serverA reachable so i installed the stable version of nginx on PC01 and configured the server like this:

events {}

http {
    include       mime.types;
    default_type  application/octet-stream;

    server {
        listen 80;
        server_name myserver_80;
        return 301 https://$host$request_uri;  # Redirect HTTP a HTTPS

        location / {
            root   C:/nginx-1.26.1/html;
            index  index.html index.htm;
        }
    }

    server {
        listen 443 ssl;
        server_name myserver_443;

        ssl_certificate C:/nginx-1.26.1/ssl/certificate.crt;
        ssl_certificate_key C:/nginx-1.26.1/ssl/private.key;

        location /myapp{
            proxy_pass https://backend_upstream;

            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;

            proxy_pass_header Authorization;

            # Timeout settings
            proxy_connect_timeout 60s;
            proxy_send_timeout 60s;
            proxy_read_timeout 60s;
        }
    }

    upstream backend_upstream {
        server serverA.example.com;
    }
}

Now, the address serverA.example.com really is a load balancer with ip '203.0.113.2' and that's the problem:

when i call https://serverA.example.com/myapp nginx translates the address to https://203.0.113.2/myapp and of course the call fails with a 502 Bad Gateway error because there is no web service on the load balancer at 203.0.113.2.

Is there a way to force nginx to use the fqdn for the upstream? Or, there is any other configuration i can change to make it work?

Some notes:

  1. nginx certificates are self signed
  2. the real ip of serverA.example.com is on another subnet and it's not reachable from PC01 without using the load balancer.
  3. if i call curl -k https://serverA.example.com/myapp/health from PC01 it works fine
  4. if i call curl -k https://203.0.113.2/myapp/health from PC01 it doesn't work
  5. if i call curl -k https://localhost/myapp/health from PC01 it doesn't work (of course)

I thought about adding a resolver to the configuration, but i am not sure what should i set it to.

i have tried various configurations, for example changing

proxy_set_header Host $host;

to

proxy_set_header Host serverA.example.com;

but nothing changed

Improve this question
7
  • have a USB device that i connect to PC01.example.com that must reach serverA.example.com makes no sense. If you USB device needs to reach serverA.example.com, why the setup with nginx?
    – Marc
    Commented Jul 3 at 10:00
  • it is a USB device that uses Ethernet Over USB, i will edit the question
    – Francesco Rogo
    Commented Jul 3 at 10:04
  • I think you have here a X/Y problem. If your USB Device needs to reach server A, this whole NGINX setup makes no sense. What kind of USB device is that? (I read some kind of Ethernet Over USB) Since when does a USB device HTTP requests? nginx translates the address to https://203.0.113.2/myapp (not sure if undestan that part correctly) why is this a problem? If you Loadbalancer's ip is "203.0.113.2" and nginx forward requests to that IP, where is the problem?
    – Marc
    Commented Jul 3 at 13:29
  • USB device is a spectroscopic detector that send the acquired data to a rest server that saves everything on a database. When USB is connected it creates a local network with the host, but without a gateway. nginx resolve the upstream using the ip address, not the fqdn resulting in the fail of the call to the load balancer. The problem is that the balancer doesnt have a web service answering http calls on port 80 and calling it that way it doesn't know where the call must be redirected (i guess).
    – Francesco Rogo
    Commented Jul 3 at 14:02
  • Let me get this right. Your "spectroscopic detector" sends/init a HTTP Request to server example.org/203.0.113.2? (Over the Ethernet interface created via USB?)
    – Marc
    Commented Jul 3 at 14:16
Related questions
2
How to point many paths to proxy server in nginx
1138
Node.js + Nginx - What now?
0
How to load balance wso2 1.9.0 with NGINX 1.6.2
Load 3 more related questions Show fewer related questions

0

Reset to default

Browse other questions tagged or ask your own question.