I’m brand new to nginx so apologies in advance if this is the incorrect
place to ask but I’ve been struggling with this for a week without much
headway. I’m trying to reverse proxy two hosts behind nginx. The twist
is
that one of the hosts provides resources that come from another host
that’s
not accessible by the client:
There are three servers in question:
- ico-proxy
- webhost1
- webhost2
webhost1 has login pages at [https]//webhost1/ and
[https]//webhost1:8443.
These are not visible outside the secure environment. ico-proxy sits on
the
publicly accessible network and can access webhost1 and webhost2 over
ports
443 and 8443.
I can successfully redirect the following using 301 returns:
[http]//ico-proxy/webhost1 → [https]//ico-proxy
[http]//ico-proxy/webhost2 → [https]//ico-proxy:8443
e.g.,
location /webhost1/ {
return 301 [https]//$host$request_uri;
}
I then do another redirect inside the 8443 listener:
server {
listen 8443;
servername webhost1;
location / {
proxy_pass [https]//webhost1:8443;
}
}
The above works so far. The problem occurs because there are some links
that
refer to webhost2 directly. I can fix some of these with
proxy_set_header
statements. However, webhost1 has multiple links to a page on webhost2.
Is there a way to reverse proxy to webhost1 and somehow intercept all
webhost2 requests and in turn proxy them through another port on
ico-proxy?
This is for an IBM Cloud Orchestrator (OpenStack based) installation.
IBM
doesn’t have any guidance for this setup. Unfortunately, I can’t modify
the
links from webhost2 as it’s a canned app.
Thanks in advance for any guidance on the best way to approach this.
I’ve
thought about adding DNS entries for webhost2 that point to ico-host but
this breaks other functionality.
KLL
Posted at Nginx Forum: