Skip to main content

Setup Nginx as Proxy Reverse

Continuing the journey of Web Server Application, today we would setup Nginx as Proxy Reverse. If you want to start with how to install Nginx and configure it with SSL/TLS, read here.
This post scoped only in CentOS 7 and I'm using Alibaba Cloud as my cloud provider. Using other Operating System (OS) or cloud provider may need some adjustment to be matched, but I'll describe in general. If you have a trouble during follow this tutorial, don't hesitate to ask in the comment. Let's dive in!

Step 1 Run Go Application

To make this tutorial simple, we gonna use go application to be proxy reverse by our Nginx. Since go application are binary, so they could directly running on our server without need to install any dependency. I have prepared the pre-compiled binary of go application that listen http request on port 8080 for linux OS. So let's download it (because we're not in administrative task, I recommend you to use normal user instead of root user).
$ curl -o main -L https://github.com/h3rucutu/simple-hello-world-go-native/releases/download/v0.1.0/main-linux-amd64-0.1.0
After downloaded the binary, add executable permission to this file.
$ chmod +x main
Then run it in background.
$ nohup ./main &
Verify that our go application are running.
$ curl -w "\n" -v localhost:8080
* About to connect() to localhost port 8080 (#0)
*   Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 8080 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.29.0
> Host: localhost:8080
> Accept: */*
> 
< HTTP/1.1 200 OK
< Content-Type: application/json
< Date: Thu, 25 Jun 2020 09:38:22 GMT
< Content-Length: 27
< 
* Connection #0 to host localhost left intact
{"message": "Hello World!"}
Great, our go application are running well.

Step 2 Setup Nginx as Proxy Reverse

This step continuing my post before (read: here). Change our mode into root.
$ sudo -s
[sudo] password for h3rucutu:
#
Then edit the configuration of Nginx (since we want to use domain example.caltic.tech that configured inside example.caltic.tech.conf).
# vim /etc/nginx/conf.d/example.caltic.tech.conf
server {
  server_name example.caltic.tech; # managed by Certbot
  root        /usr/share/nginx/html;

  # Load configuration files for the default server block.
  include /etc/nginx/default.d/*.conf;

  location / {
    // Add code start here
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_pass http://172.31.5.163:8080/; // Change this IP with your IP Private Server
    proxy_read_timeout 90;
    proxy_http_version 1.1;
    proxy_request_buffering off;
    // Add code stop here
  }

  error_page 404 /404.html;
  location = /40x.html {
  }

  error_page 500 502 503 504 /50x.html;
  location = /50x.html {
  }

  listen [::]:443 ssl ipv6only=on; # managed by Certbot
  listen 443 ssl; # managed by Certbot
  ssl_certificate /etc/letsencrypt/live/example.caltic.tech/fullchain.pem; # managed by Certbot
  ssl_certificate_key /etc/letsencrypt/live/example.caltic.tech/privkey.pem; # managed by Certbot
  include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
  ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

server {
  if ($host = example.caltic.tech) {
      return 301 https://$host$request_uri;
  } # managed by Certbot

  listen       80;
  listen       [::]:80;
  server_name example.caltic.tech;
  return 404; # managed by Certbot
}
Then save your file, test Nginx configuration and restart Nginx.
# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
# systemctl restart nginx
Go to your favourite browser and navigate to example.caltic.tech.

Our Go Application are proxy reverse by Nginx

Congratulation now our go application are proxy reverse by Nginx! This tutorial simulate that any application that you want to proxy reverse by Nginx, whatever your application is written. Just mapped in the server block of Nginx configuration to the local port where your application is running.
Later more on this blog. Stay tune!
Labels:

Comments

Post a Comment

Popular posts from this blog

Indonesian Dark Wordlist

Indonesian Dark Wordlist adalah proyek baru dari Unlisted Developer yang menghasilkan kumpulan kata (wordlist) berbasiskan pada Kamus Besar Bahasa Indonesia (KBBI) untuk berbagai keperluan, misalnya teknik bruteforce atau aircracking . Kami masih melihat proyek-proyek sebelumnya masih tidak jelas kelanjutan proyeknya dalam membuat Wordlist, maka dari itulah kami membuat proyek ini sebagai jembatan kepada teman-teman lain yang membutuhkan wordlist yang lengkap tanpa harus bersusah-susah meng- generate . Mengingat proyek ini masih dalam tahap awal, maka banyak sekali kelemahan-kelamahan yang ada, sehingga kami mengharapkan kritik dan saran yang membangun, supaya kami bisa berbenah dalam setiap tambahan waktu. Selain itu, kami juga masih membuka peluang kepada teman-teman yang ingin bergabung dalam proyek ini, silahkan menghubungi saya via email atau tinggalkan komentar pada tulisan ini. Tidak ada syarat ketentuan khusus, hanya syarat umum yaitu bisa mengoperasikan komputer (mengerti...
5 comments
Read More »

Bypassing Nokia Maps N9

Nokia N9 have maps application, both of Nokia Maps and Nokia Drive are related one to other. But the same problem with Nokia Drive on Nokia N9 also occur in Nokia Maps (see here ). Nokia Maps also need logged in Nokia Account before you can use Nokia Maps. So I think the same way with bypassing Nokia Account in Nokia Drive will be succeed too in Nokia Maps. The same step can be read on my previous post here , until preparing the configuration Nokia Drive download. Okay let's go! First, make sure you have installed Filebox and setting to show hidden files and show root filesystem. Open browser on your N9 and download Modified Nokia Maps Configuration here . Don't press clear when the download has finished, just tap Done. Go to Filebox, and navigate to /home/user/MyDocs/Downloads , you'll found Maps.conf there, copy and paste this file into /home/user/.config/Nokia . But I recommend you if there's existing Nokia Maps Configuration backup it into Maps.conf.bak the ...
24 comments
Read More »

Bypassing Nokia Drive N9

Nokia N9 contains maps application bundled by Nokia with offline maps, but to access Drive application you need to have Nokia Account and you must login in your N9. Before Nokia Account has been shutdown by Microsoft (see here ) there's no problem to using Nokia Maps on N9, but after 25th, April 2015 Nokia Account no longer can be accessed. So maybe you think that your N9 can't help you to assist when you driving or find place around the world. Nokia Account requirement Here, I'll show you to bypassing Nokia Account requirement to access Nokia Drive on N9 Harmattan. So you don't need to have Nokia Account logged on your N9 to access Nokia Drive. Below is the step by step to bypassing by modify Nokia Drive configuration on Harmattan. First, you'll need installed Filebox on your Harmattan N9 (see here  for installer and this  for installation). Open Filebox and make sure you have change settings to Show root filesystem and Show hidden files. Filebox Sett...
20 comments
Read More »