Hello,
I have many Perspective projects running on a local server. I'm triying to use a Nginx reverse proxy to use different domains.
For example I want to use:
- https://myproject1.com and it must be proxied to http://local-ignition:8088/data/perspective/client/project1
- https://myproject2.com and it must be proxied to http://local-ignition:8088/data/perspective/client/project2
And so on...
I configured nginx using the manual page.
https://docs.inductiveautomation.com/display/DOC81/Defining+SSL+on+a+Perspective+Reverse+Proxy
Also this thread has some caveats:
Reverse-proxy/rewrite for Perspective with Nginx, stuck on "Authenticating..."
And finally, another thread has the same problem:
If I access to https::/myproject1.com I get the login page like this:
But as soon I click the button I get this:
The nginx error logs shows nothing, but access log shows this:
As I can see, is that the button redirects to an url not defined "undefined" but after this, the gateway serves a css from the "res" subfolder. Then this give the information that some parts of the proxy are working correct.
My nginx configuration is this:
/etc/nginx/sites-enabled/myproject1.com
server {
listen 443 ssl;
listen [::]:443 ssl;
include /etc/nginx/perspective_params;
include /etc/nginx/proxy_params;
server_name myproject1.com;
underscores_in_headers on;
# The next few location contexts define how to process resources required by the Perspective session.
# If the longest matching prefix location has the “^~” modifier then regular expressions are not checked.
location ^~ /data/ {
proxy_pass http://192.168.1.123:8088/data/;
include /etc/nginx/perspective_params;
include /etc/nginx/perspective_location_params;
}
location ^~ /system/ {
proxy_pass http://192.168.1.123:8088/system/;
include /etc/nginx/perspective_params;
include /etc/nginx/perspective_location_params;
}
location ^~ /res/ {
proxy_pass http://192.168.1.123:8088/res/;
include /etc/nginx/perspective_params;
include /etc/nginx/perspective_location_params;
}
location ^~ /idp/ {
proxy_pass http://192.168.1.123:8088/idp/;
include /etc/nginx/perspective_params;
include /etc/nginx/perspective_location_params;
}
location ^~ /.well-known/ {
proxy_pass http://192.168.1.123:8088/.well-known/;
include /etc/nginx/perspective_params;
include /etc/nginx/perspective_location_params;
}
# Here we are setting the protocol type, address, port, and uri (optional) that will be the destination of our proxied server:
location / {
proxy_pass http://192.168.1.123:8088/data/perspective/client/project1/;
include /etc/nginx/perspective_params;
include /etc/nginx/perspective_location_params;
}
ssl_certificate /etc/letsencrypt/live/myproject1.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/myproject1.com/privkey.pem; # managed by Certbot
}
server {
if ($host = myproject1.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name myproject1.com;
}
/etc/nginx/perspective_params
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
/etc/nginx/perspective_location_params
proxy_set_header Host $host;
proxy_pass_request_headers on;
proxy_cache_bypass $http_upgrade;
/etc/nginx/proxy_params
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_intercept_errors on;
Anyone can help me.
Regards