Issue in nginx proxying to apache

Posted by Luis Masuelli on Server Fault See other posts from Server Fault or by Luis Masuelli
Published on 2014-08-22T20:54:25Z Indexed on 2014/08/22 22:22 UTC
Read the original article Hit count: 237

Filed under:
|
|

My current nginx configuration is as follows:

specific configuration for (currently two) domains:

server {
    listen 443 ssl;
    server_name studiotv.service.tebusco.lan phpmyadmin.service.tebusco.lan;
    ssl_certificate /home/administrador/nginx-confs/ssl/service.tebusco.lan.crt;
    ssl_certificate_key /home/administrador/nginx-confs/ssl/service.tebusco.lan.key;
    location / {
        proxy_pass http://127.0.0.1:8180;
        proxy_set_header Host $http_host:8180;
    }
}

default configuration for unmatched ssl connections:

server {
    listen 443 default ssl;
    ssl_certificate /home/administrador/nginx-confs/ssl/service.tebusco.lan.crt;
    ssl_certificate_key /home/administrador/nginx-confs/ssl/service.tebusco.lan.key;
    location / {
        return 403;
    }
}

http configuration:

server {
    listen 80;
    rewrite ^ https://$host$request_uri? permanent;
}

The intention is clear:

  • Redirect http traffic to https.
  • Proxy each https:// call from phpmyadmin.service.tebusco.lan and studiotv.service.tebusco.lan to apache2. This includes passing a host header, which is detected.
  • Each unmatched ssl connection must return a 403 in nginx. Does not even reach apache2.

In the apache2 side of the life, I have a default site, and a non-default site which will match studiotv.service.tebusco.lan:

000-default.conf file (available and enabled):

<VirtualHost 127.0.0.1:8180>
    # The ServerName directive sets the request scheme, hostname and port that
    # the server uses to identify itself. This is used when creating
    # redirection URLs. In the context of virtual hosts, the ServerName
    # specifies what hostname must appear in the request's Host: header to
    # match this virtual host. For the default virtual host (this file) this
    # value is not decisive as it is used as a last resort host regardless.
    # However, you must set it for any further virtual host explicitly.

    ServerName localhost
    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html

    <Directory /var/www/html>
        Order deny,allow
        Require all granted
    </Directory>
</VirtualHost>

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

studiotv.conf file (available and enabled):

<VirtualHost *:8180>
    ServerName studiotv.service.tebusco.lan
    ServerAdmin [email protected]
    DocumentRoot /var/www/studiotv

    <Directory /var/www/studiotv/>
        Options -Indexes +FollowSymLinks
        AllowOverride None
        Order deny,allow
        Allow from all
        Require all granted
    </Directory>

    # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
    # error, crit, alert, emerg.
    # It is also possible to configure the loglevel for particular
    # modules, e.g.
    #LogLevel info ssl:warn

    # No usamos ${APACHE_LOG_DIR} sino en su lugar /var/log/<host>
    ErrorLog /var/log/apache2/studiotv/error.log
    CustomLog /var/log/apache2/studiotv/access.log combined
</VirtualHost>

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

However, when I hit the browser with http://studiotv.service.tebusco.lan, the default php page is shown instead.

Question: What am I missing? (apache 2.4.7, nginx 1.6.0, ubuntu server 14.04).

© Server Fault or respective owner

Related posts about nginx

Related posts about apache-2.4