Separated reverse proxy for different users
ivy
nginx-forum at forum.nginx.org
Fri Aug 25 10:33:11 UTC 2017
Hi, I'm relatively new to HTTP servers and absolutely new to nginx.
I have HTTP server which should ask user credentials and redirect every user
to its own reverse proxy.
The initial setting is:
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
set $auth_status 100;
server_name localhost;
root /usr/share/nginx/html;
include /etc/nginx/default.d/*.conf;
location / {
try_files $uri $uri/ =404;
auth_basic "restricted content";
auth_basic_user_file "/home/secure/.passwords";
auth_request_set $auth_status $upstream_status;
if ($remote_user = "ivy") {
proxy_pass http://localhost:10080;
break;
}
if ($remote_user = "john") {
proxy_pass http://localhost:10081;
break;
}
}
It works OK. However, I think it's pretty ugly to have separated "if" per
user. Therefore, I want to add a map:
map $remote_user $rp_port {
include /home/secure/reverse_proxy.map;
}
The map contains:
ivy 10080;
john 10081;
>From documentation I understood this should come before server definition.
Then I tried to replace all "ifs" in server body with:
proxy_pass http://localhost:$rp_port
This configuration gives following errors:
2017/08/25 06:29:38 [error] 26582#26582: *631 invalid port in upstream
"localhost:", client: ..., server: localhost, request: "GET / HTTP/1.1",
host: "..."
2017/08/25 06:29:48 [error] 26582#26582: *632 no resolver defined to resolve
localhost, client: ..., server: localhost, request: "GET / HTTP/1.1", host:
"..."
It's clear that I miss something in the documentation.
Please, help to build a map for reverse proxy by user authentication
properly.
Thank you.
Posted at Nginx Forum: https://forum.nginx.org/read.php?2,276150,276150#msg-276150
More information about the nginx
mailing list