Nginx proxy pass with redirect not working

flyingfox
September 18, 2023
237 views
3 votes
3 Answers

I have a server with IP 192.168.1.10 and it installed a system called kubesphere,the access address is http://192.168.1.10:30880.

When we first visit it,it will redirect to a login page to let us login,after that we can go the homepage of it,the redirect code is similar to below(it ends with a slash)

<a href="/login" target="_blank">Login</a>

Now I installed nginx on another server with ip 192.168.1.15,and I want to access the system via nginx,thus I added code listed below:

  location  /kubesphere/ {
          proxy_pass  http://192.168.1.10:30880;

          proxy_set_header Host $host:$server_port;
          proxy_set_header REMOTE-HOST $remote_addr;
          proxy_set_header X-Real-IP $remote_addr;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_connect_timeout 600;
          proxy_send_timeout 600;
          proxy_read_timeout 600;
          send_timeout 600;
  }

But when I type http://192.168.1.15/kubesphere on browser,it will give me a 404 Not Found response,checking nginx log I found below message

2023/09/05 15:09:54 [error] 51162#51162: *9802010 open() "/usr/share/nginx/html/login" failed (2: No such file or directory)

The redirect command is not redirect to http://192.168.1.10/login and it visit /usr/share/nginx/html/login instead,which make it not working as expected,the expected url is http://192.168.1.10.30880/login after using proxy_pass,but I can not do it myself.

I have tried a lot,including chatGPT and HoHoGPT but still not get a solution,can anyone help me,please?

Thanks in advance!

Update:
An available test address is http://182.92.238.5:30880/ ,we can use it for test!

I need to http://192.168.1.15/kubesphere ,which means the actual ip and port should never appear on the browser!

Tags: nginx

Answers

- Geilmaker
- September 7, 2023 at 12:54 pm
- 0 votes
0
Thanks for the test address, that was actually pretty helpful.

Your problem is not related to nginx. The reverse proxy part is working fine, nginx gets the request and forwards it to the application successfully. Then the application sends a redirect to /login. That means that the browser does exactly this, it redirects to <host>/login. To solve your problem, you need to let kubesphere know, that it is running on a subpath (/kubesphere) so it can create its redirects accordingly (<host>/kubesphere/login). Unfortunatly I couldn’t find any easy way to do this by just using google, but I’m also not into the kubesphere software. Maybe these information help you to solve the problem. If you find a way to tell kubesphere it’s running on a subpath, it will create the correct redirects and it will be working fine.

Currently the redirects will only work when kubesphere is running on the root path. An option would be to work with subdomains, in case you will work with domains and not IP addresses.

Hope it helps 🙂

Login or Signup to reply.

- ARCX
- September 7, 2023 at 1:55 pm
- 0 votes
0
For your issue try Nginx rewrites instead of proxy passes.
```
rewrite ^/(.*)$ http://182.92.238.5:30880/$1 permanent; 
```
Below is the explanation;
1. ^/(.)$: This is a regular expression pattern that matches any URI (Uniform Resource Identifier) path. Here’s what it means:
  ^: Anchors the pattern to the start of the string.
  /: Matches the forward slash character, which is a common delimiter in URIs.
  (.): This part is a capturing group ((…)), and .* matches zero or more of any character (.) except a newline. This effectively captures any string of characters that follow the initial forward slash.
  
  So, this regular expression captures the entire URI path.
2. http://182.92.238.5:30880/$1: This is a redirect URL. It specifies where the server should send the client’s request after matching the regular expression pattern.
  http://182.92.238.5:30880/: This is the base URL where the request will be redirected.
3. $1: This is a backreference to the captured group from the regular expression. In this case, it refers to the entire URI path that was captured by (.*). The captured path will be appended to the base URL.
4. permanent;: This part specifies the type of HTTP redirect. In this case, it’s a "permanent" redirect, which means the client’s browser will cache this redirect and use it for subsequent requests to the same URI.
Putting it all together, this configuration rule is saying:

"Redirect any URI path (^/(.*)$) to http://182.92.238.5:30880/ followed by the captured path ($1), and make this redirect permanent."

For example, if a client requests http://example.com/some/path, it will be permanently redirected to http://182.92.238.5:30880/some/path.

So, finally, replace your location block with below,
```
 location  /kubesphere/ {
          rewrite ^/(.*)$ http://182.92.238.5:30880/$1 permanent;
          proxy_set_header Host $host:$server_port;
          proxy_set_header REMOTE-HOST $remote_addr;
          proxy_set_header X-Real-IP $remote_addr;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_connect_timeout 600;
          proxy_send_timeout 600;
          proxy_read_timeout 600;
          send_timeout 600;
  }
```
Login or Signup to reply.

- RezaAriyan
- September 13, 2023 at 6:44 pm
- 0 votes
0
It looks like the issue is with your nginx proxy configuration. To fix it, update your nginx configuration with the following code:
```
location /kubesphere/ {
    proxy_pass http://192.168.1.10:30880/;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
```
After making these changes, restart nginx. This should redirect requests to the login page correctly without exposing the IP and port in the browser. You can test it using the provided test address "http://182.92.238.5:30880/".
Login or Signup to reply.

Please signup or login to give your own answer.

Click here to cancel reply.