Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to configure nginx X-Forwarded-Port to be the originally request port

I am using nginx in a standard reverse proxy scenario, to pass all requests to /auth to another host, however I'm trying to use non-standard ports.

My end goal is to have the X-Forwarded-Port header set to the port that the request comes in on.

Here is my location block in nginx.conf:

location /auth/ {
    proxy_pass       http://otherhost:8090;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Forwarded-Host $host;
    proxy_set_header X-Forwarded-Port <VAR>;
}

This nginx is running in a docker container, that is configured to forward requests from 8085 into 80 in the container, such that the nginx process is listening on 80:

0.0.0.0:8085->80/tcp

When I hit the URL:

http://localhost:8085/auth/

I am correctly redirected to http://otherhost:8090, but the X-Forwarded-Port header is missing or wrong.

Where I have <VAR> in the original block, I have tried the following:

  • $server_port - This is the port nginx is listening on (80), not the request port.

  • $pass_port - Seems to be null in my setup, so nginx drops the header.

  • $http_port - This is a random port per request.

  • $remote_port - This is a random port per request.

I can change my config at deploy time to hardcode to the known port of incoming requests, but ideally I would be able to change the front port without any change to the nginx config.

I've scoured the nginx variable list but can't find anything like $request_port. Is there any way for me to achieve my intent?

like image 827
Andrew Stubbs Avatar asked Mar 10 '20 11:03

Andrew Stubbs


People also ask

How do I add X forwarded to NGINX?

Option 1 - Altering the log directive format This option can be implemented whether or not the --with-http_realip_module was specified at compilation, and modifies the format for the access_log directive to include the X-Forwarded-For Header contents. In the configuration file /etc/nginx/nginx.

What is X forwarded port?

The X-Forwarded-Port request header helps you identify the destination port that the client used to connect to the load balancer.

Is Nginx a forward proxy?

Forward proxy is something the client sets up in order to connect to rest of the internet. In turn, the server may potentially know nothing about your forward proxy. Nginx is originally designed to be a reverse proxy, and not a forward proxy. But it can still be used as a forward one.

How do I change the port number in Nginx?

To begin with, open Nginx configuration file with a text editor, and change the port number as shown in the below excerpt. In this excerpt we’ll configure Nginx HTTP server to listen for incoming connections on port 3200.

How do I use X-Forwarded-For IP with nginx?

This makes the solution very simple: all you need to do is configure your server to use the client information from X-Forwarded-For IP when processing data, and not the client IP address it is receiving directly. Nginx is a web server that can act as a reverse proxy as well as a load balancer.

Does Nginx listen on port 443?

However, the TLS configuration, which is not enabled by default in Nginx, listens for secure connections on port 443. In order to make Nginx HTTP server to listen for incoming web connections on other non-standard ports, we need to edit the main configuration file and change or add a new statement to reflect this fact.


2 Answers

The only workaround I've found is to use a map rule to get the port from the http_host variable e.g.

    map $http_host $port {
      default 80;
      "~^[^\:]+:(?<p>\d+)$" $p;
    }
like image 182
pditommaso Avatar answered Oct 19 '22 01:10

pditommaso


This is a just rough idea to write Nginx conf, but I am sure this can help you in redirection

server {    
    listen 80;  
    server_name host.docker.internal;   

    # By default land on localhost:80 to root so in root we copied UI build to the ngnix html dir.
    # have a look to docker-compose uiapp service.
    location / {    
            root   /usr/share/nginx/html;   
            index  index.html index.htm;    
    }   

   # after location add filter, from which every endpoint starts with or comes in endpoint 
   # so that ngnix can capture the URL and reroute it.
   # like /backend/getUserInfo/<UserId> 
   # In above example /backend is that filter which will be captured by Ngnix and reroute the flow.
    location /backend { 
        proxy_set_header X-Forwarded-Host $host;    
        proxy_set_header X-Forwarded-Server $host;  
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        #proxy_pass http://<ContainerName>:<PortNumber>; 
        # In our case Container name is as we setup in docker-compose `beservice` and port 8080
        proxy_pass http://beservice:8080;   
    }   
}

For more details you can have a look at this project

https://github.com/dupinder/NgnixDockerizedDevEnv

like image 24
Dupinder Singh Avatar answered Oct 19 '22 03:10

Dupinder Singh