I am testing my express server running on proxy. My nginx config file for in sites-available is:
server {
server_name open.yousico.com;
gzip on;
gzip_proxied any;
gzip_types application/javascript application/x-javascript text/css text/javascript;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_min_length 256;
location /_next/static/ {
alias /var/www/yousi-website/.next/static/;
expires 365d;
access_log off;
}
location / {
proxy_pass http://127.0.0.1:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
location /api {
rewrite ^/codify(.*) $1 break;
proxy_pass "http://127.0.0.1:3001";
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/open.yousico.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/open.yousico.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = open.yousico.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name open.yousico.com;
return 404; # managed by Certbot
}
My server file for my express server listening on 3001 is:
const express = require('express');
const app = express();
app.listen(3001, console.log("server is running on 3001"));
app.get('/', (req, res) => {
res.send('API is running');
});
app.get('/hello', (req, res) => {
res.send('Hello World');
});
I tested this express server on my local machine, and it seems to be working fine, but when I deploy it to my cloud server, it displays "Cannot GET /api", is there something wrong with my config file? My understanding is that I set my location to /api and direct it to port 3001, and I'm sure that the server is running on 3001.
"Cannot XXX /YYY" is the Express default response when there is no handler for method XXX for path YYY.
In your case, I don't see an app.get("/api", ...) handler in your server code, so the error is quite warranted.
The rewrite statement in your nginx config,
rewrite ^/codify(.*) $1 break;
doesn't make sense either since there's no way for location /api to match /codify.
If you meant to strip the /api out before the URL is passed to your Express server,
rewrite ^/api(.*) $1 break;
in which case /api would be passed as /, and that would match your app.get("/")...
Related
I have two servers, running on the same virtual machines:
https:xxx.domain1.com (the front-end)
https:yyy.domain1.com (the back-end only called from the front-end)
Both are running under nginx and the run correctly on my development Ubuntu 20.04.1 machine.
Now I' moving them on AWS: I created a Linux machine the same OS, and transferred both the machines.
So now I have
https:xxx.domain2.com (the front-end)
https:yyy.domain2.com (the back-end only called from the front-end)
The second server will be always called only by the first one. It should be considered hidden.
I run them, but, when accessing the front-end for the login, I received the following errors:
OPTIONS https://xxx.domain2.com/login CORS Missing Allow Origin
Now, in the server https:yyy.domain2.com I always specified
const router = express();
router.use(cors())
and the full nginx config file is as follow
server {
server_name xxx.domain2.com;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:3000;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/xxx.domain2.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/xxx.domain2.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
server_name yyy.domain2.com;
add_header Access-Control-Allow-Origin "xxx.domain2.com";
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:3001;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/xxx.domain2.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/xxx.domain2.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = xxx.domain2.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name xxx.domain2.com;
return 404; # managed by Certbot
}
server {
if ($host = yyy.domain2.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name yyy.domain2.com ;
return 404; # managed by Certbot
}
Please note that I added the line
add_header Access-Control-Allow-Origin "xxx.domain2.com";
that I don't have on my development server.
====================== FIRST ADDENDUM ==========================
This is the client offending piece of code: The error is in response to the const res = await axios.put(cfLogin, { 'cf': cf }); request below.
const handleSubmitCf = async (e) => {
e.preventDefault();
setSudo(false)
try {
const res = await axios.put(cfLogin, { 'cf': cf });
if (res.status === 200 || res.status === 201)
{
nextPhase();
setResponse(res.data.data1);
}
setErrore('');
}
catch (error) { setErrore(error.response.data); };
}
Currently I am trying to build a small nodejs API which should work on my server behind an already existing and working nginx setup.
nginx.conf:
server {
listen 80;
listen [::]:80;
server_name *.mydomain.com;
if ($host = www.mydomain.com) {
return 301 https://$host$request_uri;
}
if ($host = mydomain.com) {
return 301 https://$host$request_uri;
}
if ($host = hello.mydomain.com) {
return 301 https://$host$request_uri;
}
return 404;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name mydomain.com www.mydomain.com;
root /var/www/html;
index index.html;
ssl_certificate /etc/ssl/cert.pem;
ssl_certificate_key /etc/ssl/key.pem;
ssl_client_certificate /etc/ssl/cloudflare.crt;
ssl_verify_client on;
location / {
try_files $uri/index.html $uri.html $uri/ $uri =404;
}
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name hello.mydomain.com;
root /var/www/hello;
ssl_certificate /etc/ssl/cert.pem;
ssl_certificate_key /etc/ssl/key.pem;
ssl_client_certificate /etc/ssl/cloudflare.crt;
ssl_verify_client on;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://127.0.0.1:3000$request_uri;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
index.js:
const express = require('express');
const app = express();
app.get("/", (request, response) => {
response.end("hello world");
});
app.listen(3000, () => console.log('listening'));
So i have mydomain.com and www.mydomain.com and they have nothing to do with nodejs and work fine.
The nodejs site lies behind hello.mydomain.com and just returns a 502: Bad Gateway error. When I am on my server (where everything lies) and just do:
curl localhost:3000
I get the right response. So the nodejs code works (I even approved it locally), but the nginx is not able to act as a proxy and "speak" with the local nodejs express.
Does anyone know why this does not work? I already searched through many tutorials, but I just cannot find the solution. :/
I just created a website in reactJS (create-react-app) with a login possibility.
I configured autosigned SSL certificates with letsencrypt, added some DNS entries for HSTS and everything that make my website properly traffic-encrypted. My website is running on port 3001 (front-end) and my nodeJs backend is up on port 3000.
Everything works fine, however when some people try to connect to my website behind some VPN (not all of them), they see the page of my app (front-end) but when they try to login (connection to back-end), they get an ERR_CONNECTION_TIMED_OUT.
I cannot reproduce the bug because I do not have such VPN (with my NordVPN its working ok). So I would like you to help me to discover where this problem stems from.
Here is my nginx config file:
# xxx.fr nginx config file
user xxx;
worker_processes 1;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
events {
worker_connections 1024;
use epoll;
}
http {
upstream frontends {
server xxx.fr:3001;
}
charset utf-8;
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log;
keepalive_timeout 65;
proxy_read_timeout 200;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
gzip on;
gzip_min_length 1000;
gzip_proxied any;
gzip_types text/html text/css text/xml
application/x-javascript application/xml
application/atom+xml text-javascript;
proxy_next_upstream error;
#include /etc/nginx/sites-enabled/*;
server {
# default_server;
#listen [::]:80;
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload ';
#add_header Content-Security-Policy "default-src 'self';";
server_name xxx.fr www.xxx.fr;
client_max_body_size 50M;
location ^~ /build/static {
root /home/xxx/x/public;
index index.html;
if ($query_string) {
expires max;
}
}
location = /favicon.ico {
rewrite (.*) /public/favicon.ico;
}
location = robots.txt {
rewrite (.*) /public/robots.txt;
}
location / {
proxy_pass_header Server;
#add_header Strict-Transport-Security "max-age=31536000; includeSubDomains, preload" always;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_redirect off;
proxy_set_header X-Scheme $scheme;
proxy_pass http://frontends;
proxy_ssl_name $host;
proxy_ssl_server_name on;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/xxx.fr/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/xxx.fr/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.xxx.fr) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = xxx.fr) {
return 301 https://$host$request_uri;
} # managed by Certbot
#listen 80;
server_name xxx.fr www.xxx.fr;
return 404; # managed by Certbot
}
}
And in my nodeJS server (back-end), I have the following header set:
app.use(function (req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Methods", "*");
res.header("Access-Control-Allow-Credentials", true);
// res.header("Access-Control-Allow-Credentials", "true");
res.header(
"Access-Control-Allow-Headers",
"Origin, X-Requested-With, Content-Type, Accept, Authorization"
);
next();
});
Can anyone tell me how to fix the ERR_CONNECTION_TIMED_OUT ?
Thank you so much
how to redirect with two different domain with NodeJs
i have one sub-domain with https://service.test.in:1234 & also want to redirect same code to https://service.test.ae:1235 with SSL
so how can i redirect to both sub-domain with same code also with SSL?
here is the code of server.js
const sslOptions = {
key: fs.readFileSync("./privateKey.key"),
cert: fs.readFileSync("./reportservice_test_in.crt"),
ca: [
fs.readFileSync('./COMODORSADomainValidationSecureServerCA.crt'),
fs.readFileSync('./COMODORSAAddTrustCA.crt')
]
};
app.get(virtualDirPath + '/test', function (req, res) {
return res.json({
"status": "server is running..."
})
})
var server = https.createServer(sslOptions, app);
var port = process.env.PORT || 1234;
server.listen(port, function () {
console.log("started server")
});
install nginx in your server using sudo apt install nginx command
go to cd /etc/nginx/sites-available
open nano default file edit as per your requirement
if you want to redirect another domain to same then create new file at /etc/nginx/sites-available and change as per your requirement
here is the sample file code
server {
listen 443 ssl;
server_name "~^(\w{1,61}+)\.test2.india\.in$" test2.india.in;
client_header_timeout 120s;
client_max_body_size 50m;
uwsgi_read_timeout 300;
uwsgi_send_timeout 300;
uwsgi_buffer_size 8k;
client_body_buffer_size 32K;
large_client_header_buffers 4 32k;
gzip on;
gzip_disable "MSIE [1-6]\.(?!.*SV1)";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
location / {
proxy_pass http://test1.india.in;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
ssl_certificate /etc/nginx/sites-available/certificate_file.crt; # managed by Certbot
ssl_certificate_key /etc/nginx/sites-available/privateKey.key; # managed by Certbot
}
server {
if ($host = test2.india.in) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name "~^(\w{1,61}+)\.test2.india\.in$" test2.india.in;
return 404; # managed by Certbot
}
after create multiple file then run below command
ln -s /etc/nginx/sites-available/default /etc/nginx/sites-enabled/
ln -s /etc/nginx/sites-available/default_ae.conf /etc/nginx/sites-enabled/
for more information visite this link
I am trying to deploy a next-js app by create-next-app, I have a custom express server like this -
const express = require('express')
const next = require('next')
const dev = process.env.NODE_ENV !== 'production'
const nextApp = next({ dev })
const handle = nextApp.getRequestHandler()
const fs = require('fs')
nextApp.prepare()
.then(() => {
const server = express ()
let port = 3000;
let options = {
key: fs.readFileSync('some key..', 'utf-8'),
cert: fs.readFileSync('some cert..', 'utf-8'),
};
server.get(
...
)
let app = https.createServer(options, server)
.listen((port), function(){
console.log("Express server listening on port " + port);
});
})
.catch((ex) => {
console.error(ex.stack)
process.exit(1)
})
I want to deploy this as the website when someone types the URL subdomain.maindomain.com so I saved two nginx configuration files like this -
/etc/nginx/sites-available/default AND /etc/nginx/sites-available/subdomain.maindomain.com
the default file contains this
server {
root /var/www/html;
index index.html index.htm index.nginx-debian.html;
server_name maindomain.com www.maindomain.com;
location / {
# try_files $uri $uri/ =404;
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/maindomain.com/fullchain.pem;$
ssl_certificate_key /etc/letsencrypt/live/maindomain.com/privkey.pe$
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
and the subdomain.maindomain.com file looks like this
server {
if ($host = www.subdomain.maindomain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = subdomain.maindomain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
root /var/www/subdomain.maindomain.com/somecodefolder/;
index index.html index.htm index.nginx-debian.html;
server_name subdomain.maindomain.com www.subdomain.maindomain.com;
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
# try_files $uri $uri/ =404;
}
}
if I'm typing https://subdomain.maindomain.com:3000, everything works fine, I see my website running. But when I type https://subdomain.maindomain.com (without the port number) it shows nothing. How can I get the content I want when I type just the url without the port number. I have tried many combinations, but could'nt do. someone please help i've been trying since 2 days.
Try with other applications in order to validate if something is wrong in your application.
Configure nginx to use domain instead ports are not complex. Just add https configurations but the main configurations will be the same.
Steps
npm install
node main_domain.js
node subdomain.js
Check if webs are working:
Add the following lines to your /etc/hosts. This will help us to use domains without enterprise web hosting company register.
127.0.0.1 maindomain.com
127.0.0.1 subdomain.maindomain.com
Create a file in /etc/nginx/conf.d called maindomain.com.conf or whatever you want but with .conf
server {
listen 80;
server_name maindomain.com;
location / {
proxy_pass http://localhost:3000/;
}
}
Create a file in /etc/nginx/conf.d called conf.d/subdomain.maindomain.com.conf or whatever you want but with .conf
server {
listen 80;
server_name subdomain.maindomain.com;
location / {
proxy_pass http://localhost:3001/;
}
}
Restart the nginx
service nginx restart
And now, you could use a domain instead ip:port
Try to change from
proxy_pass http://localhost:3000;
Into
proxy_pass http://127.0.0.1:3000;