Forward real IP through Haproxy => Nginx => Unicorn

Posted by Hendrik on Server Fault See other posts from Server Fault or by Hendrik
Published on 2012-07-11T11:20:00Z Indexed on 2012/07/11 15:17 UTC
Read the original article Hit count: 326

Filed under:
|
|
|

How do I forward the real visitors ip adress to Unicorn? The current setup is:

Haproxy => Nginx => Unicorn
  1. How can I forward the real IP address from Haproxy, to Nginx, to Unicorn? Currently it is always only 127.0.0.1
  2. I read that the X headers are going to be depreceated. http://tools.ietf.org/html/rfc6648 - how will this impact us?

Haproxy Config:

# haproxy config
defaults
    log global
    mode    http
    option  httplog
    option  dontlognull
    option httpclose
    retries 3
    option redispatch
    maxconn 2000
    contimeout  5000
    clitimeout  50000
    srvtimeout  50000

# Rails Backend
backend deployer-production
    reqrep    ^([^\ ]*)\ /api/(.*)  \1\ /\2
    balance     roundrobin
    server      deployer-production localhost:9000 check

Nginx Config:

upstream unicorn-production {
  server unix:/tmp/unicorn.ordify-backend-production.sock fail_timeout=0;
}

server {
  listen 9000 default;
  server_name manager.ordify.localhost;
  root /home/deployer/apps/ordify-backend-production/current/public;
  access_log /var/log/nginx/ordify-backend-production_access.log;
  rewrite_log on;

  try_files $uri/index.html $uri @unicorn;

  location @unicorn {
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_redirect off;
    proxy_pass http://unicorn-production;

    proxy_connect_timeout 90;
    proxy_send_timeout 90;
    proxy_read_timeout 90;
  }

  error_page 500 502 503 504 /500.html;
  client_max_body_size 4G;
  keepalive_timeout 10;
}

© Server Fault or respective owner

Related posts about nginx

Related posts about http