ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Nginx reverse proxy problem with subdomains

    Scheduled Pinned Locked Moved Solved IT Discussion
    nginxreverse proxysubdomain
    23 Posts 3 Posters 6.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • JaredBuschJ
      JaredBusch @stacksofplates
      last edited by

      @johnhooks said:

      I couldn't ping 10.254.0.106 either.

      Of course not. it is the internal IP.

      stacksofplatesS 1 Reply Last reply Reply Quote 0
      • stacksofplatesS
        stacksofplates @JaredBusch
        last edited by

        @JaredBusch said:

        @johnhooks said:

        I couldn't ping 10.254.0.106 either.

        Of course not. it is the internal IP.

        Oh I thought these were all public facing and you were just forwarding to them. Nevermind.

        1 Reply Last reply Reply Quote 0
        • stacksofplatesS
          stacksofplates
          last edited by

          What happens if you disable SELinux and firewalld?

          JaredBuschJ 2 Replies Last reply Reply Quote 1
          • JaredBuschJ
            JaredBusch @stacksofplates
            last edited by

            @johnhooks said:

            What happens if you disable SELinux and firewalld?

            The nginx proxy can reach the internal IP and port as noted above.

            The external ports 80/443 and port forwarded to the nginx proxy.

            6 domains are currently currently on the same server are daerma.com and all work perfectly. All of the working proxied domains are only domain.com and www.domain.com redirecting to 80/443 on a single internal IP

            1 Reply Last reply Reply Quote 0
            • JaredBuschJ
              JaredBusch
              last edited by

              7 sites now. I forgot about jaredbusch.com and just added another conf file.

              1 Reply Last reply Reply Quote 0
              • JaredBuschJ
                JaredBusch
                last edited by JaredBusch

                This post insinuates that I should not need to do anything else to reroute.

                http://mangolassi.it/topic/5470/reverse-proxy/15

                As well as my google searching

                1 Reply Last reply Reply Quote 0
                • stacksofplatesS
                  stacksofplates
                  last edited by

                  Ya that's weird. The only time I've ever got a 502 is when either PHP-FPM isn't running or node isn't running.

                  What do your nginx logs say?

                  1 Reply Last reply Reply Quote 0
                  • JaredBuschJ
                    JaredBusch @stacksofplates
                    last edited by

                    @johnhooks said:

                    What happens if you disable SELinux and firewalld?

                    selinux.....

                    did not think about that.. I was not doing anything special.

                    setenforce 0 and they work.

                    support.bundystl.com
                    community.daerma.com

                    stacksofplatesS 1 Reply Last reply Reply Quote 2
                    • stacksofplatesS
                      stacksofplates @JaredBusch
                      last edited by

                      @JaredBusch said:

                      @johnhooks said:

                      What happens if you disable SELinux and firewalld?

                      selinux.....

                      did not think about that.. I was not doing anything special.

                      setenforce 0 and they work.

                      support.bundystl.com
                      community.daerma.com

                      Ya I don't understand how it's determined which ports are allowed through SELinux and which aren't.

                      1 Reply Last reply Reply Quote 0
                      • JaredBuschJ
                        JaredBusch
                        last edited by

                        @johnhooks said:

                        @JaredBusch said:

                        @johnhooks said:

                        What happens if you disable SELinux and firewalld?

                        selinux.....

                        did not think about that.. I was not doing anything special.

                        setenforce 0 and they work.

                        support.bundystl.com
                        community.daerma.com

                        Ya I don't understand how it's determined which ports are allowed through SELinux and which aren't.

                        right. so now to learn that because i like not setting permissive

                        1 Reply Last reply Reply Quote 0
                        • stacksofplatesS
                          stacksofplates
                          last edited by stacksofplates

                          You should be able to do

                           semanage port -a -t http_port_t -p tcp 4567
                          

                          Then if you do

                          semanage port -l | egrep '(^http_port_t)' 
                          

                          it should output the list of ports with that context

                          http_port_t                    tcp      80, 81, 443, 488, 8008, 8009, 8443, 9000
                          
                          1 Reply Last reply Reply Quote 1
                          • stacksofplatesS
                            stacksofplates
                            last edited by

                            If it says 4567 is already assigned a label you can change it to:

                            semanage port -m -t http_port_t -p tcp 4567 
                            

                            Then if you do the port list it should show up in there.

                            1 Reply Last reply Reply Quote 1
                            • JaredBuschJ
                              JaredBusch
                              last edited by

                              @johnhooks said:

                              semanage port -m -t http_port_t -p tcp 4567

                              I had to add semanage first but then it worked.

                              1 Reply Last reply Reply Quote 2
                              • 1
                              • 2
                              • 1 / 2
                              • First post
                                Last post