Correct proxy configuration for nginx server to access rest api-CodePudding

I have a nginx-server configured as follows:

server {
    listen       3000;
    listen  [::]:3000;
    server_name . ;

    add_header Strict-Transport-Security "max-age=15552000; includeSubDomains" always;
    
    ...

    index index.html;
    root /usr/share/nginx/html;

    location /cam/ {
        proxy_pass http://cam:8000/;
    }

    location /api {
        proxy_pass https://some_ip:some_port;
        proxy_pass_request_headers on;
        proxy_set_header X-API-KEY xxxxx;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Host $server_name;
        proxy_ssl_server_name on;
    }

    location /share/ {
        alias /usr/src/share;
    }

    location / {
        try_files $uri $uri/ /index.html;
    }

    add_header 'Access-Control-Allow-Origin' '*' always;
    add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
    add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always;

    client_max_body_size 1M;
    keepalive_timeout 10;
}

For displaying my frontend, this configuration works fine. The proxy for the cam is also working correctly.

I am getting problems in the configuration of the proxy for the api. The api has a sanity-check under "https://some_ip:some_port", which just returns "200: ok". Otherwise I should be able to make request using a fetch request such as

const res = await fetch(`api/subaddress/${system_id.toString()}/base`, {
        method: 'POST',
        headers: {
            'Content-type': 'application/json',
            'X-API-KEY': xxxxx,
            'Access-Control-Allow-Origin': '*',
            'Access-Control-Allow-Methods': 'HEAD, GET, POST, PUT, PATCH, DELETE',
            'Access-Control-Allow-Headers': 'Origin, Content-Type, X-Auth-Token'
        },
        body: JSON.stringify(data_body),
    });

Which, if successfull, returns "202: ok".

If I make such a request using curl, it works just fine (both of the requests), so the api should not be the problem.

At the current configuration, I get a "200: ok", which tells me that I have connected to the api, but the proxy does not take in account my subaddresses.

Besides the given configuration, I tried the following:

location /api {
    proxy_pass https://some_ip:some_port$request_uri;
    ...
}

which always gives me "502: bad gateway"

location /api/ {
    proxy_pass https://some_ip:some_port/;
    ...
 }

which always gives me "403: forbidden"

location /api {
    rewrite ^/api/(.*) /$1 break;
    proxy_pass https://some_ip:some_port/$1;
    ...
}

which causes nginx to crash, as it tells me that it cannot resolve it. I would like to avoid using a resolver, unless definitly necessary (I have tried it using a resolver before too and it did not work either).

What is the correct way to accomplish this?

CodePudding user response：

I solved this. Apparently the 403: forbidden was caused my some of the configurations of the proxy. After removing those, I did not get that error anymore.

In the end I used

location /api {
    rewrite ^/api/(.*) /$1 break;
    proxy_pass https://some_ip:some_port/$1;
    ...
}

which I made work by putting

resolver 1.1.1.1 valid=30s;

at the top of the configuration file.