Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ords 3.0.9 doesn't accept NGINX reverse proxy #6

Open
lmfmsilva opened this issue Jan 28, 2017 · 3 comments
Open

Ords 3.0.9 doesn't accept NGINX reverse proxy #6

lmfmsilva opened this issue Jan 28, 2017 · 3 comments

Comments

@lmfmsilva
Copy link

Hi Andrzej,

After some testing I found out that I can't use a NGINX reverse proxy in front of your docker image (strange error regarding CORS after the login page).

I know (because I tested on a different docker image) that ORDS 3.0.2 works just fine behind NGINX. Is it possible that you downgrade you image?

Best regards,

Luís
@jhmk
Copy link

jhmk commented Mar 6, 2018

Had the same Problem. Apache works fine.
Also you can fork this Repo and replace ORDS with another Version.
http://www.oracle.com/technetwork/developer-tools/rest-data-services/downloads/ords-downloads-302-2841250.html

@araczkowski
Copy link
Owner

araczkowski commented Mar 6, 2018
edited
Loading

Hi,

try:

location /ords
{
proxy_pass http://127.0.0.1:8080;
proxy_set_header Origin "";
}

  location /i {
        proxy_pass http://127.0.0.1:8080;
          proxy_set_header Origin "";
}

@jhmk
Copy link

jhmk commented Mar 13, 2018
edited
Loading

Here is my solution (works only with one running Docker Container):

  • Stop all Services that listen on Port 80 / 443 on your Host (not Docker)

  • get the Container IP Address with docker inspect *CONTAINER*. Should be something like 172.17.0.*

  • Add some Iptable rules (my IP is 172.17.0.2)

sudo iptables -A DOCKER -d 172.17.0.2/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 80 -j ACCEPT

sudo iptables -A DOCKER -d 172.17.0.2/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 443 -j ACCEPT

iptables -t nat -A DOCKER -p tcp --dport 80 -j DNAT --to-destination 172.17.0.2:80

iptables -t nat -A DOCKER -p tcp --dport 443 -j DNAT --to-destination 172.17.0.2:443

  • ssh in the docker and install nginx with the proxy settings from the post above

  • if you like to have SSL use the LetsEncrypt Certbot with DNS validation
    certbot -d YOURDOMAIN --manual --preferred-challenges dns certonly

Done

Also here is my full nginx config:
`
server {
listen 80 default_server;
listen [::]:80 default_server;

    server_name YOURDOMAIN;

rewrite ^/(.*)$ https://YOURDOMAIN/ords/f?p=10000:LOGIN:::::: ;

}

server {
listen 443 default_server;
listen [::]:443 default_server;

# rewrite can be changed to your Apex App ID
rewrite ^/$ https://YOURDOMAIN/ords/f?p=10000:LOGIN:::::: redirect;

root /var/www/html;

index index.html;

server_name YOURDOMAIN;

location /i {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Origin "";
}

location /ords {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Origin "";
}

location / {
    proxy_pass http://127.0.0.1:8080;
      proxy_set_header Origin "";
	try_files $uri $uri/ =404;
}


    ssl on;
    ssl_certificate /etc/letsencrypt/live/YOURDOMAIN/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/YOURDOMAIN/privkey.pem;

}
`

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@araczkowski @lmfmsilva @jhmk