Reverse proxy with nginx

I’ve got a dev machine at home that runs various dev tools such as Jira and Bamboo. Like all Atlassian products they run on various ports. This allows you to easily run their software, together, on the same machine.

There’s a few knit-picking issues with this though. The most obvious is that port numbers can be hard to remember. Bamboo runs on 8085 & Stash on 7090. Not what I’d call rememberable numbers given I had to double check. Secondly, if you want to access these services externally, you need to hack in the port forwarding records each time you add a new service.

Instead, use port 80 for all of your services and do the port forwarding internally, based off hostname. This removes the need to update your router each time you add a new service, as well as, everything runs on port 80, externally. When I wish to add a new tool to my workflow, I can simply configure the proxy configuration. I don’t need to mess around with port forwarding. It is so painfully slow on my thomson router..

So the current situation is this:

What we want is:

Notice the services are routed by a subdomain, rather than some port number. DNS records will need to be updated but that is simpler in my opinion. So much cleaner! No need to remember port numbers, instead we simply just use the service name.

Install Nginx # 

sudo apt-get install nginx

Configure the Proxy #

Create the proxy configuration file. I’m using debian (wheezy) where my nginx installation location is at ‘/etc/nginx’.

nano /etc/nginx/conf.d/proxy.conf

We’re using the host name of the request as the identifier, instead of the port. We need to define this in our proxy.conf file. Below, the upstream directive is used in addition to the server directive. These compliment each other. The following will allow our Jira instance to be ran on http://jira.leftfield.io

upstream jira {
    server 127.0.0.1:8080;
}

server {
    server_name jira.leftfield.io;
    listen 80;
    access_log /var/log/nginx/jira.log combined;
    location / {
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://127.0.0.1:8080;
        proxy_set_header Authorization "";
    }
}

We simply repeat these two directives for each of the other services. We end up with:

upstream jira {
    server 127.0.0.1:8080;
}

upstream stash {
    server 127.0.0.1:7990;
}

upstream bamboo {
    server 127.0.0.1:8085;
}

#       Jira
server {
    server_name jira.leftfield.io;
    listen 80;
    access_log /var/log/nginx/jira.log combined;
    location / {
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://127.0.0.1:8080;
        proxy_set_header Authorization "";
    }
}

#       Stash
server {
    server_name stash.leftfield.io;
    listen 80;
    access_log /var/log/nginx/stash.log combined;
    location / {
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://127.0.0.1:7990;
        proxy_set_header Authorization "";
    }
}

#       Bamboo
server {
    server_name bamboo.leftfield.io;
    listen 80;
    access_log /var/log/nginx/bamboo.log combined;
    location / {
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://127.0.0.1:8085;
        proxy_set_header Authorization "";
    }
}

Be sure to change the server names and port numbers to suit.

Update Jira Config (if Jira is involved) #

If you are proxying Jira like me, there is a configuration change you need to make in the server.xml file located in /opt/atlassian/jira/conf/server.xml. Before we do this, shutdown your Jira instance.

Open the /opt/atlassian/jira/conf/server.xml file and find the element <service name="Catalina">.
Inside this, you will have a Connector definition. You need to add 3 attributes to it, like so:

<Connector 
    acceptCount="100" 
    connectionTimeout="20000" 
    disableUploadTimeout="true" 
    enableLookups="false" 
    maxHttpHeaderSize="8192" 
    maxThreads="150" 
    minSpareThreads="25" 
    port="8080" 
    protocol="HTTP/1.1" 
    redirectPort="8443" 
    useBodyEncodingForURI="true"

    service="http" 
    proxyName="jira.leftfield.io" 
    proxyPort="80"
/>

As mentioned here

Reboot & Done #

Once you’ve done this. Reload nginx

sudo /etc/init.d/nginx reload

And we’re good to go!

If you’re doing this for Atlassian stuff like me, then make sure you update your instance domain in the system adminstration settings in the application.

Any questions, drop me a line. me[at]jscanes[dot]com

 
59
Kudos
 
59
Kudos

Now read this

Some of my fav unix/bash commands.

Awesome Bash shortcut I recently discovered allows you to quickly clear stuff from a bash command. Ctrl + w # Clears the last block of text in a command. Say you’ve got something like: git commit -m "Added some things here and changed... Continue →