I have the following nginx setup:
location = /novnc-auth {
internal;
# calls the django view below
proxy_pass http://127.0.0.1:8000/api/proxmox/novnc-connection-lookup/$cookie_novnc/;
# set $pve $upstream_http_pve;
# set $vmhhost $upstream_http_vmhhost;
}
location = /novnc/ {
auth_request /novnc-auth;
auth_request_set $vmhhost $upstream_http_vmhhost;
auth_request_set $pve $upstream_http_pve;
proxy_set_header Cookie 'PVEAuthCookie=$pve';
proxy_pass https://$vmhhost;
}
location ~ /vncproxy/ {
auth_request /novnc-auth;
auth_request_set $vmhhost $upstream_http_vmhhost;
auth_request_set $pve $upstream_http_pve;
proxy_set_header Cookie 'PVEAuthCookie=$pve';
proxy_pass https://$vmhhost;
}
django view
def view(self, ...):
data = json.loads(data_string)
resp = HttpResponse(data_string)
resp['Pve'] = data['pve']
resp['Vmhhost'] = data['host']
return resp
A popup html window opens at /novnc/
, which subsequently fires an ajax call to /vncproxy/
.
The problem I am having is, first call to /novnc/
worked as it should, performs auth_request
fine, but then when an ajax call to /vncproxy/
it hangs on the auth_request
part and giving me upstream timed out (110: Connection timed out) while reading response header from upstream
then auth request unexpected status: 504 while sending to client, client
2
Answers
I figured it out by following the example, the problem is that I needed to set the following, I just realised ajax call was making a POST method
I digged into it and have build a Poc that had a similiar problem till I removed the
not_modified
headersin my
auth_request
backend mockhttp://127.0.0.1:8080/;
. This mocks your auth-app running on port8000
.My index.html file loaded includes an XHR-Request that will triggered as soon as I load the page.
The debug-log of NGINX is showing that the
auth_request
was triggered twice and called successfully.Your error says it can connect to the upstream but failed to receive the http header. Are you able to share the debug logs from that request? Another test you can try is to use some fake auth server like I did and see if that is working with your JavaScript Frontend to determine where the problem sits.