Port forwarding from internet to internal nginx ssl reverse proxy

by Sina   Last Updated January 05, 2018 15:00 PM

I am trying to configure a dockerized nginx ssl reverse proxy, which is forwarding requests to another container next door to it, which is listening for ssl connections on port 8443. I am trying to forward requests from the internet on port 1111 to the internal nginx proxy, listening on 443. So <internet requests> -> router:1111 -> nginx_container:443 -> backend_app_container:8443. I am having different results when I try to connect to it from the internet. The first page works, but POSTing authentication results in 302 redirection which fail. My current configuration is like this:

    server  {

  listen  80;   
  #server_name  *.domain.com;
  return 301 https://$host$request_uri;
}

server  {
  listen  443 ssl;   
  #server_name <my_site>.com;
  ssl  on;
  location  / {
    return  404;
  }
}

server  {
  listen  *:443 default ssl;
  location  / {
    proxy_set_header   Host             $host;
    proxy_set_header   X-Real-IP        $remote_addr;
    proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;

    proxy_pass  https://backend_app:8443/;
    proxy_redirect off;
  }

  proxy_set_header Host $http_host;
  proxy_set_header X-Forwarded-For $remote_addr;
  proxy_set_header X-Forwarded-Proto $scheme;
}

Getting to the first page works sometimes and doesnt other times, failing with a 302 timeout:

internet_host_1 - - [05/Jan/2018:14:30:57 +0000] "GET /backend_app/static/cozmQY8MS7QySFhOmPMMiatlibNLY61rwdkq7L64XXJ.js HTTP/1.1" 200 52923 "https://router:1111/backend_app/login/auth" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.108 Safari/537.36" "-"

internet_source_3 - - [05/Jan/2018:14:31:05 +0000] "GET /backend_app HTTP/1.1" 302 5 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" "-"
internet_source_3 - - [05/Jan/2018:14:31:41 +0000] "GET /backend_app/ HTTP/1.1" 302 0 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" "-"

Trying to login times out with a 302 error as well:

internet_host_1 - - [05/Jan/2018:14:32:02 +0000] "POST /backend_app/j_spring_security_check HTTP/1.1" 302 0 "https://router:1111/backend_app/login/auth" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.108 Safari/537.36" "-"

Please what am I doing wrong? I am very confused.



Related Questions


How to route HTTPS URLs through a virtual environment

Updated October 05, 2017 19:00 PM