We have portainer running successfully on port 80 of the host, so it is available in a browser by ip address or name over http, no port 9000 required. However, we are having trouble now adding to the nginx reverse proxy.
server {
listen 80;
location / {
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_pass http://10.108.150.11/; # ip addr for docker01
}
location /api/websocket/ {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_http_version 1.1;
proxy_pass proxy_pass http://10.108.150.11/api/websocket/;
}
}
The problem seems to rotate around http://10.108.150.11/api/websocket/ giving a 404 in the browser if you try to navigate to this URL directly. Should it be reachable? Can anyone see anything else wrong here?
proxy_pass is entered twice in bottom location block
Cut n paste error?
Yes, but only to this thread! Was fine in the config. Got this working just now in the last half hour actually.
I set up a test reverse proxy in a VM and built the config up again with the one from the FAQ as a base (https://portainer.readthedocs.io/en/stable/faq.html). When I was satisfied it worked, I passed up the chain for the SSL to be added at our organisation’s actual reverse proxy. I think breaking the job into smaller tasks was key, I should have got it working over HTTP first and tested. Working fine now, even have LDAP authentication enabled.
https://<your_url>/api/websocket/ SHOULD give a 404, as the API is not reachable to the end user via the browser. Interestingly, we needed to disable nginx proxy_cache for all /api/websicket/ urls on the reverse proxy otherwise users could not see or interact with their newly created containers for a good 15 minutes! One to remember.
2 Likes