0

I am configuring Tuleap on Apache ReverseProxy from CentOS Nginx.

Tuleap is running successfully on CentOS and is accessible.

After configuring the reverse proxy which i am already using for glassfish and another apache server with same configuration is working fine. But nginx displays only the localhost page.

See the configuration file of nginx tuleap host and apache reverseproxy host

nginx configuration:

# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;

# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

events {
    worker_connections  1024;
}


http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    include /etc/nginx/conf.d/*.conf;
}

tuleap host on nginx:

upstream tuleap {
    server 127.0.0.1:8080;
}

server {
        listen       443 ssl;
        server_name  tuleap.cent.example.com;

        ssl_certificate /etc/pki/tls/certs/localhost.crt;
        ssl_certificate_key /etc/pki/tls/private/localhost.key;
        ssl_session_timeout 1d;
        ssl_session_cache shared:SSL:50m;
        ssl_session_tickets off;

        # intermediate configuration. tweak to your needs.
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers '';
        ssl_prefer_server_ciphers on;

        # Tweak for file upload and SVN
        client_max_body_size 64M;

        include conf.d/tuleap.d/*.conf;

        # Available here in case of emergency, uncomment the
        # line below (and comment the line above)
        #include conf.d/tuleap-apache.proxy;
}

server {
    listen       80;
    server_name  tuleap.cent.example.com;
    # Tweak for file upload and SVN
    client_max_body_size 64M;
    include conf.d/tuleap.d/*.conf;
}

apache reverseproxy conf:

<VirtualHost *:443>
    ServerName bugs.example.org
    SSLEngine On
    SSLCertificateFile "/etc/letsencrypt/live/bugs.example.org/fullchain.pem"
    SSLCertificateKeyFile "/etc/letsencrypt/live/bugs.example.org/privkey.pem"
    ProxyRequests Off
    ProxyPreserveHost On
    AllowEncodedSlashes NoDecode

    ProxyPass / http://tuleap.cent.example.com/ nocanon
    ProxyPassReverse / http://tuleap.cent.example.com/
    ProxyPassReverse / http://bugs.example.org/

    <Proxy *>
        Order deny,allow
        Allow from all
        Require all granted
    </Proxy>

    <Location />
        Order allow,deny
        Allow from all
        Require all granted
    </Location>
</VirtualHost>

Please let me know if there is any need to update nginx configuration file.

Vipin Jain
  • 121
  • 10

1 Answers1

0

Try adding

proxy_set_header Host $http_host;

What happens is that when proxying your requests it uses http://127.0.0.1:8080/ address without setting proper host header which is taken care in apache by

ProxyPreserveHost On
Maciej Asembler
  • 116
  • 2