I have a project which need to have multi-backup server. It is better to look at the below topology:
So, We will have 4 Remote Site Server which will act as Backup Server in case of Main server is down. In Normal condition Devices will connect to Remove Site Server IP and passthrough it to Mainserver. In case that Mainserver is down or Link from Remote Site Server to Main server is fail, then Remote Site Server will act as Mainserver and start serving services.
I know I can do this by using Nginx and use proxy_pass for tcp , but the thing that we have a dynamic port, for example.
The user can add port 4500 to server virtual server, and later add another port 45001 to be accessed by clients.
I'm now sure how to do it with Nginx.
Also, I have been looking for another solution like keepalived or pacemaker but seems like they are only having like Master-Backup mechanism, not master-backup,backup,backup
Any advice how to get this done?
Appreciate your ideas!
As far as I understood, You need some way to change servers dynamically like server:3000,server3001 and so on. If so you can save server list in text file and use revers proxy to use server form the serverfile.
after that you can simply update the serverlist file to update server from you code.
for example:
Create a file called servers.txt in a directory of your choice and list all the backend servers that you want to use in the following format:
server1.example.com
server2.example.com
server3.example.com
server3.example.com
In the Nginx configuration file, define an upstream block that refers to the servers.txt file and specifies the relevant proxy parameters, like this:
http {
upstream backend {
server unix:/var/run/php-fpm.sock;
include /path/to/servers.txt;
}
server {
listen 80;
server_name example.com;
location / {
proxy_pass http://backend;
}
}
}
specify additional parameters for other configuration.
finally you can change file servers.txt as per your need. But i dont know if you need to reload nginx server everytime you update your server.txt file.
Related
I'd like to have a reverse HTTPS proxy that CANNOT decrypt proxied traffic (ie an HTTPS passthrough/tunnel). The idea is to run this proxy on a VPS and point a domain to it, allowing for the IP address of the origin server to remain unexposed while maintaining end-to-end encryption.
Is this possible? I could probably proxy requests without difficulty since the destination address in that direction is fixed, but proxying responses seems problematic given that the proxy would be unable to read the client IP within an encrypted response.
A potential solution is to have the origin server package the encrypted response and destination address in a request made to the proxy, but I am unsure as to how I might generate the encrypted request without sending it (using node.js, which is the application running on the origin server).
From your question, I got that you want to listen to requests from your VPC server and pass the request to your other server which has to remain unexposed.
This can be configured with the web server which you are using for proxy ( considering AWS allows port forwarding from a VPN server to non-VPN server ).
I prefer doing this with Nginx as it is easy, open-source with less code and more functionality.
There is a concept of load balancing which does the same as you mentioned above.
steps :
Install Nginx and keep it active.
Create a new configuration file in /etc/nginx/sites-enabled
write the below code with modifications:
http {
upstream myapp1 {
server srv1.example.com;
server srv2.example.com;
server srv3.example.com;
}
server {
listen 80;
location / {
proxy_pass http://myapp1;
}
}
}
and at the place of srv1.example.com and srv2.example.com add the domain to which you want to redirect requests
Save the file and restart the Nginx
Boom!! it should redirect all incoming requests to your application.
What I'm trying to do is create an access website for my own services that run on my linux server at home.
The services I'm using are accessible through <my_domain>:<respective_port_num>.
For example there's a plex instance which is listening on port X and transmission-remote (a torrenting client) listening on port Y and another custom processing service on port Z
I've created a simple website using python flask which I can access remotely which redirects paths to ports (so <my_domain>/plex turns into <my_domain>:X), is there a way to display these services on the network paths I've assigned to them so I don't need to open ports for each service? I want to be able to channel an existing service on :X to <my_domain>/plex without having to modify it, I'm sure it's possible.
I have a bit of a hard time to understand your question.
You certainly can use e.g. nginx as a reverse proxy in front of your web application, listen to any port and then redirect it to the upstream application on any port - e.g. your Flask application.
Let's say, my domain is example.com.
I then can configure e.g. nginx to listen on port 80 (and 443 for SSL), and then proxy all requests to e.g. port 8000, where Flask is running locally.
Yes, this is called using nginx as a reverse proxy. It is well documented on the internet and even the official docs. Your nginx.conf would have something like:
location /my/flask/app/ {
# Assuming your flask app is at localhost:8000
proxy_pass http://localhost:8000;
}
From user's perspective, they will be connecting to your.nginx.server.com/my/flask/app/. But behind the scenes nginx will actually forward the request to your app, and serve its response back to the user.
You can deploy nginx as a Docker container, I recommend doing this as it will keep the local files and configs separate from your own work and make it easier for you to fiddle with it as you learn. Keep in mind that nginx is only HTTP though. You can't use it to proxy things like SSH or arbitrary protocols (not without a lot of hassle anyway). If the services generate their own URLs, you might also need to configure them to anticipate the nginx redirects.
BTW, usually flask is not served directly to the internet, but instead nginx talks to something like Gunicorn to handle various network related concerns: https://vsupalov.com/what-is-gunicorn/
I'm trying to set virtual host on my local machine for my Node (Express) project. But I cant figure out how to avoid port number
This is what I had entered on my /etc/hosts file.
192.168.151.207 www.potato.com
192.168.151.207 www.tomato.com
I can access site by www.potato.com:3000 but I want it to be simply www.potato.com.
I was Googling for last few days but all most all the solution says to use Nginx for reverse proxy. I also read somewhere that if I use Nginx I can't use Socket. And socket is something which I have to use in next phase of the project.
Any help is heartily appreciated.
Did you try virtualhost npm package?
Make your HTTP server hostname-aware very simply.
You define the handler for each server name, and that will return the
final handler to be passed to your HTTP server.
Works fine with Express.
You only need to use nginx or any orther proxy solution (there are nodejs modules too you could integrate with your application) if you want serve each virtualhost with different applications (because they cannot listen to the same port).
Here the answer to my question. I use Nginx only and setup a reverse proxy.
First on my /etc/hosts file I add the domain which I want to use.
127.0.0.1 tomato.com
This means whenever I open this URL "tomato.com" browser will change for 127.0.0.1. But my Express server is running on 127.0.0.1:3000. Now we need to point 127.0.0.1 to 127.0.0.1:3000. Using Nginx we can configure this. Below given line of code does this. /etc/nginx/sites-available/tomato.conf
server_name tomato.com;
location / {
proxy_pass "http://127.0.0.1:3000/"
}
For more detail check this post from Digitalocean
I want to use Nginx to expose my NodeJS server listening on port 443.
I don't want to manage the SSL certificate with Nginx. I would rather do that on the NodeJS server using the SNICallback option of https.createServer.
How do I setup the nginx.conf to support this?
You're looking for ssl pass-through. You'll set up your nginx to use TCP load balancing (even if you only have one server it's still thought of as load balancing) and ssl passthrough.
Note that nginx will be unable to access any of the content and that you will lose almost all of the advantages of using a proxy other than the ability to do load balancing.
See these instructions for a specific configuration example.
You can configure nginx to pass the encrypted traffic to the node.js server.
stream {
server {
listen 443;
proxy_pass your.node.js:443;
}
}
Note that you will have no access-log or any other means of access to the data.
I have a server that runs different websites on different ports. All of them (but one) are Apache servers and thanks to webmin, I managed to have, for instance, example.com point to 123.123.123.123:80 and example.fr to 123.123.123.123:8000, somehow automatically
I am now running a nodejs server on the same machine, so the 80, 8000, and many other ports are already taken. My nodejs listens on 8008. I have another domain name, say example.org, and I want it to point to my nodejs website, but I simply don't know how to do that! I have updated the DNS and everything is pointing to 123.123.123.123 (my server's IP). I want to avoid using an ugly example.org:8008/ for everything on this node server. How can I make it point implicitly to the 8008 port?? I must add that I cannot afford to take down the apache servers ;)
DNS only provides name to ip address mapping. It cannot handle ports. What you can do instead is to set up a proxy server listening on port 80. The proxy server can then return data based on the host header.
Your best option is to just redirect the request from Apache. Otherwise you can use a reverse proxy like Nginx. Also, you can write a lightweight proxy in node... check out this page