I am attempting to deploy an app to the internet via nginx reverse proxy. My app is completely containerized and my nginx configuration file in /etc/nginx/sites-available matches the shinyproxy example here: https://www.shinyproxy.io/security/
server {
listen 80;
server_name shinyproxy.yourdomain.com;
rewrite ^(.*) https://$server_name$1 permanent;
}
server {
listen 443;
server_name shinyproxy.yourdomain.com;
access_log /var/log/nginx/shinyproxy.access.log;
error_log /var/log/nginx/shinyproxy.error.log error;
ssl on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_certificate /etc/ssl/certs/yourdomain.com.crt;
ssl_certificate_key /etc/ssl/private/yourdomain.com.key;
location / {
proxy_pass http://127.0.0.1:8080/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 600s;
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
My domain has https certification and if I visit my domain I see the "Welcome to nginx!" screen. However, after I launch my app to listen on port 8080 with the command:
docker run -d -v /var/run/docker.sock:/var/run/docker.sock --net wind_net -p 8080:8080 wind_container
if I visit my domain I still see the "Welcome to nginx!" screen. Nginx is not passing my domain through to my shiny application. Any ideas on why the proxy reverse is not working? Have I launched my containerized shiny app to the wrong port?
Your reverse engine proxy_pass directive is routing to host machine local network (127.0.0.1). When you containerize your applications, you are shifting from localhost network to docker ecosystem network. Thus, how you start and publish your shinyproxy to host matters. Check this article on networking in docker
Thank you for the help. I still haven't found a solution after reading the article and doing some more troubleshooting. Do I need to change the 127.0.0.1 portion of the proxy pass? Or do I need to spin up my docker container to listen somewhere other than 8080:8080?
How do you start your shinyproxy?
Hi @lucius-verus-fan
Just to be sure, with the following command you are trying to start ShinyProxy, right?
docker run -d -v /var/run/docker.sock:/var/run/docker.sock --net wind_net -p 8080:8080 wind_container
So the wind_container
is a customer container you created containing ShinyProxy?
In that case I don't think the problem has to do with Docker networking, the -p 8080:8080
part of the command ensures that port 8080 is forwarded to your local machine, independently of in which docker network the container is running.
Instead, I believe the error is in your nginx configuration, you have to change these lines to match your setup:
server_name shinyproxy.yourdomain.com;
rewrite ^(.*) https://$server_name$1 permanent;
# a few lines lower
server_name shinyproxy.yourdomain.com;
You must specify the correct domain name of your server there. Now you are telling nginx to process any request on shinyproxy.yourdomain.com
as a request to ShinyProxy, any other request will result in a 404. Thus, since you don't access it over shinyproxy.yourdomain.com
nginx will give you a 404.
Hello @LEDfan and @jaysnm
The command I am using to start ShinyProxy is:
docker run -d -v /var/run/docker.sock:/var/run/docker.sock --net wind_net -p 8080:8080 wind_container
The nginx configuration that I attached in my first comment is not the nginx configuration that I am using, that is the example given on the shinyproxy website. I will attach the nginx configuration file that I am using below.
server {
listen 80;
server_name windts.app www.windts.app;
rewrite ^(.*) https://$server_name$1 permanent;
}
server {
listen 443 ssl;
server_name windts.app www.windts.app;
access_log /var/log/nginx/shinyproxy.access.log;
error_log /var/log/nginx/shinyproxy.error.log error;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_certificate /etc/ssl/certs/windts.app.crt;
ssl_certificate_key /etc/ssl/private/windts.app.key;
location / {
proxy_pass http://127.0.0.1:8080/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 600s;
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
When visiting the domain windts.app or www.windts.app you are sent to the Nginx welcome page instead of being passed to the shinyproxy app. The app runs correctly locally as well as on a remote server. It is simply a matter of connecting the domain to the container running the shinyproxy app.
I have solved the issue. Nginx was not displaying the shinyproxy app because I had neglected to link my nginx configuration file in /etc/nginx/sites-available/ to /etc/nginx/sites-enabled. After linking my configuration in both directories with the ls -s
command and removing the default configuration file from /etc/nginx/sites-enabled the shinyproxy app was displayed at my domain.
For the record it is ln -s
[sic], but thanks for sharing the feedback and good that your issue is solved!
Most helpful comment
I have solved the issue. Nginx was not displaying the shinyproxy app because I had neglected to link my nginx configuration file in /etc/nginx/sites-available/ to /etc/nginx/sites-enabled. After linking my configuration in both directories with the
ls -s
command and removing the default configuration file from /etc/nginx/sites-enabled the shinyproxy app was displayed at my domain.