nginx reverse proxy for ssh reverse tunnel?

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

nginx reverse proxy for ssh reverse tunnel?

vergil
* 192.168.1.100 (reverse proxy and ssh tunnel server) : centos 8 + sshd 8 +
nginx 1.14.1 + firewalld disabled
    * 192.168.1.101 (local web server) : windows 10 + web App (port 80)
exposed to remote access with SSH reverse tunnel (port 6033)
    * 192.168.1.102 (remote machine) : Ubuntu + curl
        curl http://192.168.1.100:6033/api/Users ==> works well
        curl http://192.168.1.100/tunnel/api/Users ==> "the page you are
looking for is temporarily unavailable" !!!

tried with this [/etc/nginx/nginx.conf]

...
http {
    ...
    server {
        ...
        location /tunnel/ {
            proxy_pass <a href="http://127.0.0.1:6033;">http://127.0.0.1:6033;
        }
    }
}

then with this [/etc/nginx/nginx.conf]

...
http {
    ...
   
    upstream tunnel {
        server 127.0.0.1:6033;
    }
   
    server {
        ...
        location /tunnel/ {
            proxy_pass http://tunnel;
        }
    }
}

how to make a working nginx configuration that forward server port 80 to the
ssh tunnel port 6033?

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,288756,288756#msg-288756

_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx
Reply | Threaded
Open this post in threaded view
|

Re: nginx reverse proxy for ssh reverse tunnel?

Francis Daly
On Sun, Jul 19, 2020 at 02:45:46AM -0400, jalil1408 wrote:

Hi there,

>     * 192.168.1.102 (remote machine) : Ubuntu + curl
>         curl http://192.168.1.100:6033/api/Users ==> works well
>         curl http://192.168.1.100/tunnel/api/Users ==> "the page you are
> looking for is temporarily unavailable" !!!

That suggests that you want a request to port 80 for /tunnel/X to be
proxy_pass'ed to port 6033 for /X. (As in: remove the "/tunnel" part.)

Do your nginx or port-6033 logs show the requests made and responses sent?

>         location /tunnel/ {
>             proxy_pass <a href="http://127.0.0.1:6033;">http://127.0.0.1:6033;

Add "/" after 6033.

http://nginx.org/r/proxy_pass

Cheers,

        f
--
Francis Daly        [hidden email]
_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx
Reply | Threaded
Open this post in threaded view
|

Re: nginx reverse proxy for ssh reverse tunnel?

vergil
In reply to this post by vergil
fixed by issueing this command: sudo setsebool httpd_can_network_connect on
-P

and this [/etc/nginx/nginx.conf]

...
http {
...
server {
...
location /tunnel/ {
proxy_pass <a href="http://127.0.0.1:6033;">http://127.0.0.1:6033;
}
}
}

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,288756,288763#msg-288763

_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx