I have a vhost running on nginx/1.15.6,
https://example.com
I have a standalone API service (fwiw, Gentics Mesh) running at
http://mesh.example.com
It exposes its UI, per its own config as
apiUrl: '/api/v1/',
Browsing to the direct link, Mesh responds as expected, correctly
rendering/displaying its UI Login Form. With curl,
curl -i http://mesh.example.com:8080
HTTP/1.1 302 Found
Location: /mesh-ui/
Content-Length: 0
I want to expose that UI at an Nginx site custom path.
https://example.com/mesh
For now, both run on the same machine/IP,
host example.com
10.1.2.3
host mesh.example.com
10.1.2.3
In Nginx vhost config, I've tried to set up a proxy as
upstream meshproxy {
server 10.1.2.3:8080;
}
server {
listen 10.1.2.3:443 ssl http2;
server_name example.com;
...
location ~ /mesh/ {
proxy_set_header Accept 'application/json';
proxy_set_header Content-Type 'application/json';
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-NginX-Proxy true;
proxy_set_header X-Real-IP $remote_addr;
proxy_buffering off;
proxy_connect_timeout 5;
proxy_http_version 1.1;
proxy_intercept_errors on;
proxy_read_timeout 240;
proxy_pass http://meshproxy;
proxy_redirect off;
}
...
}
With that config, browser access to
https://example.com/mesh
doesn't display the intended Mesh UI. Instead, it displays a response of
{
"message" : "Not Found",
"internalMessage" : "The rest endpoint or resource for given path
{/mesh/} could not be found. Please verify that your Accept header is set
correctly. I got {application/json}. It must accept {application/json}"
}
Testing GET with curl, at that link, currently returns 403,
curl --include --http2 --ipv4 --ssl --tlsv1.2 --key-type PEM
--cert-type PEM --key /ssl/client.key.pem --cert /ssl/client.crt.pem --cacert
/ssl/CA.crt.pem -X GET https://example.com/mesh/
HTTP/2 403
date: Sat, 10 Nov 2018 14:58:24 GMT
content-type: text/html; charset=utf-8
content-length: 146
vary: Accept-Encoding
secure: Server
x-content-type-options: nosniff
<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx</center>
</body>
</html>
I have no idea yet why it's 'Forbidden'.
I'm guessing the problem is something in my Nginx config?
What config needs change/addition to get that API UI 'exposed' correctly in the
Nginx custom path?
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
