Reverse-Proxy-Server

  1. ‹ Older
  2. 2 years ago

    Lars L

    22 Mar 2017 Europe (Germany, Chemnitz)

    ah, ok what read here: http://john-joyce.com/xojo-and-load-balancing-with-haproxy/

    I cannot set up a reverse proxy using nginx where several users comes from the same IP (for example when they are in the same office).

    So I need HAProxy right?

  3. Tomas J

    22 Mar 2017 Pre-Release Testers, Xojo Pro Europe (Germany)
    Edited 2 years ago

    Sorry I am only familiar with apache2, where you need to enable mod_proxy and settings this in the config file. And no, basically nginx should do quite the same job if you are accessing your web with public URL. I see no need for an additional haproxy except when it comes to LB.

    https://www.nginx.com/resources/admin-guide/reverse-proxy/

  4. Lars L

    22 Mar 2017 Europe (Germany, Chemnitz)

    Thanks Tomas,

    I configured it in this way, that if someone calls a subfolder "via" the traffic has to delivers to the app, whis is running on port 34001:

    location /via/ {
    	proxy_buffering off;
    	proxy_read_timeout 5m;
    	proxy_pass http://93.90.178.92:34001;
    }

    But if I call the url "http2://vms2-via-cloud.de/via", the 404 Error occurs.

    What do I wrong?

  5. Tomas J

    22 Mar 2017 Pre-Release Testers, Xojo Pro Europe (Germany)

    I have to pass this to somebody else with deeper knowledge of nginx... your stand alone server listens to this port? try to access it from the inside on http://93.90.178.92:34001

  6. Lars L

    22 Mar 2017 Europe (Germany, Chemnitz)
    Edited 2 years ago

    http://93.90.178.92:34001 works!

    the reverse proxy not
    :/

  7. Patrick L

    22 Mar 2017 Pre-Release Testers, Xojo Pro
    Edited 2 years ago

    Hi Lars,

    I think that the way your config is written, the /via/ gets passed to the proxy path. Try adding a slash to the end of proxy_pass:

    proxy_pass http://93.90.178.92:34001/;

    Have a look at
    https://www.digitalocean.com/community/tutorials/understanding-nginx-http-proxying-load-balancing-buffering-and-caching#deconstructing-a-basic-http-proxy-pass

    Having said that, I am struggling with trying to do the same as you (instead of connecting directly to a port other than 80 or 443).
    I always get the Xojo "Server disconnected" text (but without any images). It's like Xojo loads the framework but is then unable to talk to it.

    The only method I have seen work so far (on these forums) is to use unique subdomains for your webapps (app1.example.com , app2.example.com ) and have the config location set to / for each.

  8. Lars L

    22 Mar 2017 Europe (Germany, Chemnitz)
    Edited 2 years ago

    @Patrick L Try adding a slash to the end of proxy_pass

    thanks, this helps a bit. Now I get the connection to the app.

    But like you, the app isn't able to establish a connection:
    http://vms2.via-cloud.de/via/

    It seems, that the ressources aren't pass thru the proxy:

    GET http://vms2.via-cloud.de/framework/framework.js 

    -> the framework ist located under "http://vms2.via-cloud.de/...", but under "http://vms2.via-cloud.de:34001/..."

    How can I map this to right locaion?

  9. Lars L

    22 Mar 2017 Europe (Germany, Chemnitz)
    Edited 2 years ago

    Starting it from the root directory of the subdomain works well.

    Except of some 504 Errors which I discuss on another threat here

  10. Patrick L

    22 Mar 2017 Pre-Release Testers, Xojo Pro
    Edited 2 years ago

    Adding yet another location for "framework" gets the images, but Xojo then uses what looks like a UUID for the comms and that, of course, fails.

            location /framework/ {
                    proxy_buffering off;
                    proxy_read_timeout 5m;
                    proxy_pass http://93.90.178.92:34001/framework/;
            }

    It would be good if someone from Xojo could explain how the webapp determines the URI, or if it can only use the domain name (in which case, this approach cannot work unless the webapp can somehow be forced to use a given subdirectory after the domain name. Feature request for a comman line option...?)

  11. Lars L

    22 Mar 2017 Europe (Germany, Chemnitz)

    Is there a xojo staff member, which can help?

    How can we map thru the UUIDS for the comms?

  12. Kevin W

    22 Mar 2017 Pre-Release Testers, Xojo Pro

    Sounds like you need to use "location /" in your settings. You don't want to be trying to piece together every url, just forward everything to the xojo app.

  13. John J

    22 Mar 2017 Pre-Release Testers, Xojo Pro Cleveland, Ohio

    I would recommend you set up a separate subdomain for the app instead of routing by a directory name - is that an option for you?

  14. Lars L

    23 Mar 2017 Europe (Germany, Chemnitz)

    Yes, I brought it to live while using an own supdomain for the app. That works.

    Plesk only supports the proxy-configuration for subfolders. So I had to change the nginx.conf file by my self, which is originally generated by Plesk. Unfortunately everytime I make some changes on the subdomain, I have manually reconfigure this file again because Plesk overwrites it.

    But yea, subdomains working!

    also with ssl!

  15. Tomas J

    23 Mar 2017 Pre-Release Testers, Xojo Pro Europe (Germany)
    Edited 2 years ago

    Nice to hear this! congrats and yes in such cases plesk or other admin tools like webmin (my favorite) are at their limits. For direct editing I am using mc / mcedit instead of vi or other editors... hounting shadows of my past MSDOS and Norton Commander times ;-)

  16. John J

    23 Mar 2017 Pre-Release Testers, Xojo Pro Cleveland, Ohio

    Good to hear it Lars! Something else you can do is change the permissions on your config file to prevent writing (assuming you have root/sudo access). Then Plesk will not be able to overwrite it.

  17. Tomas J

    10 Apr 2017 Pre-Release Testers, Xojo Pro Europe (Germany)
    Edited 2 years ago

    I'll bring up this thread cause I've spend my weekend and monday on similar problem bringing my OnlyOffice App Server to work behind Apache2 reverse proxy. Finally the trick was to use on both ends https encryption. Regardless if it's a private or public cert. The combination of http in the intranet and https to the world may cause headaches.

    If somebody is interesed in more details: https://help.nextcloud.com/t/onlyoffice-behind-reverse-proxy-doesnt-work-please-help

    Call me Apache-Woodoo-Master... and now I am proud to have my own and secure cloud solution. Nextcloud and OnlyOffice. A strong combination! And by the way: Bye Bye iCloud! :-)

  18. 7 days ago

    Daniel W

    Nov 7 Australia
    Edited 7 days ago

    @Patrick L Having said that, I am struggling with trying to do the same as you (instead of connecting directly to a port other than 80 or 443).
    I always get the Xojo "Server disconnected" text (but without any images). It's like Xojo loads the framework but is then unable to talk to it.

    I am having the exact same issue. I have multiple web app instances running on a server. I want to use relative paths to route traffic to different webapps depending on the path.

    ...location / {
    		proxy_pass http://127.0.0.1:800/;
    
    	}
    
    	location /manage {
    		proxy_pass http://127.0.0.1:8070/;
    	}...

    The first one works fine, but the /manage path behaves as described above.

    Any ideas?

    Edit: subdomains aren't an option as service will be deployed to many different domains and IPs.

  19. Lars L

    Nov 8 Europe (Germany, Chemnitz)

    First: I would recommend that you only use port numbers above of 9000. Under this, there is a high chance, that another software is using this already.

    Second: Do I get you right, that the App on port 900 works, but not the app on port 8070? Did you tried another port for the second app?

    Third: Is the app on port 8070 really running? Did you checked this with 'top'?

    Last: Is your app daemonized? Do you use the unhandledException event? It seems that your app crashes on startup. Is that possible?

    After this clearifications we can start to inspect your nginx settings and behaviour ;-)

  20. 6 days ago

    John J

    Nov 8 Pre-Release Testers, Xojo Pro Cleveland, Ohio

    Perhaps the xojo app is sending data that has URLs in it that are not coded for your app directory proxy setup. For instance, when someone hits https://yourserver.com/manage the server includes responses with links like this "/framework/some.file" or the like. Paths that don't include the "/manage/" part - so those requests are being routed elsewhere. That may explain why the bare root path works and the subfolder root path does not.

    So you might need nginx to rewrite URLs in the RESPONSES from the xojo app to correct the directory.

    something like:

    location /manage {
    		proxy_pass http://127.0.0.1:8070/;
    		sub_filter 'href="/' ''href="/manage/';
    		sub_filter 'src="/' ''src="/manage/';
    		sub_filter_once off;
    	}

    This will require some playing around to get just right, but I think you understand the basic problem. The output from the app contains root-based links that do not include your /app/ directory. Note, the substitutions module may or may not be enabled by default in your nginx installation.

  21. Daniel W

    Nov 8 Australia

    Thanks Lars,

    Thanks for the advice. Is this true if you have complete control over the server the software is running?

    @Lars L Second: Do I get you right, that the App on port 900 works, but not the app on port 8070? Did you tried another port for the second app?

    location / {
    		proxy_pass http://127.0.0.1:800/;
    }

    This works as like John mentioned, Xojo doesn't route request via the path it was loaded from. (does that make sence?)

    I did check that the app was working by entering http://127.0.0.1:8070 into my browser.

    @John J So you might need nginx to rewrite URLs in the RESPONSES from the xojo app to correct the directory.

    Thanks John! I was hoping there was a way, I'll test that and let you know how it goes.

or Sign Up to reply!