Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Proxy forward to other Proxy #17

Open
markgargan opened this issue Dec 4, 2021 · 1 comment
Open

Proxy forward to other Proxy #17

markgargan opened this issue Dec 4, 2021 · 1 comment

Comments

@markgargan
Copy link

markgargan commented Dec 4, 2021
edited
Loading

Hi there Robert,
This isn't an issue as such alas I couldn't figure out another way to contact you. I apologise if this it the incorrect forum but would truly appreciate any help/guidance you could provide as you seem to really know what's going on wrt HTTPS traffic going through an nginx server as a forwarding proxy.

I'm trying out your forwarding proxy but I don't appear to be able to get through it with https?
Ideally I was looking to see if there was a way I could use your docker image as a form of traffic redirect? I'd have a bunch of regexs that would then redirect the traffic to an internal proxy and another set that would redirect it to a charles proxy running locally from where I could then redirect to the external proxy in work.

In the case below, any url with samdev goes to an internal proxy and
anything with 'google' goes to my charles proxy and out through our external proxy.

i'd build up these regex's like a PAC file once I have the redirects working.

You probably recognise the nginx.conf below, I got it from
https://github.com/kawanet/nginx-forward-proxy/blob/master/etc/nginx.conf

One last thing, I tried in vain to redirect the access/error logs to /dev/stdout and &/dev/stderr respectively but alas when nothing appeared in either using the docker command

docker logs -f reizman 2>dev/null
docker logs -f reizman 1>dev/null

user www-data;
worker_processes auto;
daemon off; # Don't run Nginx as daemon, as we run it in Docker we need a foreground process.
events { }

http {
  # google's DNS server
  resolver 8.8.8.8;
  resolver_timeout 5s;

  access_log /dev/stdout;
  error_log /dev/stderr;
  proxy_temp_path ./temp;
 
  server {
    # proxy server port
    listen 8888;

    location / {
      # internal http proxy
      set $internal_host "127.0.0.1";
      set $internal_port "8889";

      # external proxy
      set $external_host "127.0.0.1";
      set $external_port "8889";

      # proxy (default)
      set $proxy_host "$http_host";
      set $url "$scheme://$http_host$request_uri";

      # Internal traffic
      if ($host ~* "^samdev$") {
        set $proxy_host "$1";
        set $url "http://$internal_host:$internal_port$request_uri";
      }

      # External Traffic for anything google
      if ($http_host ~* "^google$") {
        set $proxy_host "$1:$2";
        set $url "http://$external_host:$external_port$request_uri";
      }

      proxy_redirect off;
      proxy_set_header Host $proxy_host;
      proxy_set_header X-Forwarded-Host $http_host;
      proxy_pass "$url";
    }
  }
}
@reiz
Copy link
Owner

reiz commented Feb 21, 2022
edited
Loading

Hey @markgargan. HTTPS shouldn't be a problem. the ngx_http_proxy_connect_module should handle SSL connections. The examples in this repository are using that module. If you are using the Docker image 0.0.4 or 0.0.5, then that should be included.

Because of the logs, it might be that not all Nginx logs are redirected to stdout. That's something what you could reconfigure. Or simply connect to the running Docker container and double check the logs, usually under /var/log/nginx.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@reiz @markgargan