Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update nginx reverse proxy documentation #727

Closed
ravindk89 opened this issue Feb 9, 2023 · 0 comments · Fixed by #743
Closed

Update nginx reverse proxy documentation #727

ravindk89 opened this issue Feb 9, 2023 · 0 comments · Fixed by #743
Assignees
@ravindk89
Labels
priority: high

Comments

@ravindk89
Copy link
Collaborator

Summary

With the release of newer Console, the websocket change impacts the existing nginx reverse proxy guide.

From internal guidance, the following configuration should work as a general starting point:

server {
        listen       9000;
        listen  [::]:9000;
        server_name  localhost;

        # To allow special characters in headers
        ignore_invalid_headers off;
        # Allow any size file to be uploaded.
        # Set to a value such as 1000m; to restrict file size to a specific value
        client_max_body_size 0;
        # To disable buffering
        proxy_buffering off;
        proxy_request_buffering off;

        location / {
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;

            proxy_connect_timeout 300;
            # Default is HTTP/1, keepalive is only enabled in HTTP/1.1
            proxy_http_version 1.1;
            proxy_set_header Connection "";
            chunked_transfer_encoding off;

            proxy_pass http://minio/;
        }
    }

    server {
        listen       9001;
        listen  [::]:9001;
        server_name  localhost;

        # To allow special characters in headers
        ignore_invalid_headers off;
        # Allow any size file to be uploaded.
        # Set to a value such as 1000m; to restrict file size to a specific value
        client_max_body_size 0;
        # To disable buffering
        proxy_buffering off;
        proxy_request_buffering off;

        location / {
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_set_header X-NginX-Proxy true;

            # This is necessary to pass the correct IP to be hashed
            real_ip_header X-Real-IP;

            proxy_connect_timeout 300;
            
            # To support websocket
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            
            chunked_transfer_encoding off;

            proxy_pass http://console/;
        }
    }

There are some additional bits we need to look into - e.g. subdomains vs path fragments (Console I think supports only the former)

But for now lets update https://min.io/docs/minio/linux/integrations/setup-nginx-proxy-with-minio.html and go from there.

NOTE
I noticed on my RHEL 9.1 box that upstream nginx doesn't seem to include the sites-available or default config hierarchy anymore. There is just an nginx.conf file and nginx.conf.default in /etc/nginx. Maybe this is universal? Regardless references to sites-available might not be as helpful now
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ravindk89 ravindk89

Labels
priority: high
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Updating Nginx Reverse Proxy documentation minio/docs
1 participant
@ravindk89