Score:1

Using NGINX as a forward proxy in a relay server for V2Ray connection


I am living in Iran currently and our internet is limited. To bypass the national firewall, we have to use a VPS based in Iran as a relay to connect to a VPS server outside Iran.

Many are using V2Ray VPNs and use a relay configured with iptables to forward connections on ports 80 and 443 to VPS IPs (see this gist).

Instead of configuring iptables, I am trying to come up with a solution using NGINX, to act as a tunnel proxy between me and the outside VPS behind Cloudflare CDN. My nginx configuration is like this:

server {
       server_name SERVER_IP;
       listen 80;
       set $proxy_host_address MY_DOMAIN.COM;
       location / {
         resolver 1.1.1.1;
         proxy_pass http://$proxy_host_address$request_uri;
         proxy_redirect off;
         #proxy_set_header X-Real-IP $remote_addr;
         #proxy_set_header Host $proxy_host_address;
       }
}

But this redirects the connection instead of forwarding it. How should I fix this?

Please clarify "redirect". What is the exact request you make, and what is the exact response?
Farhood ET
@TeroKilkanen I get a 301 status code in the nginx logs which indicates a redirection being processed.
Score:1

The main answer is using proxy_redirect off; in the location section. This is an example of using NGINX as a relay proxy for the WebSocket transport:

server {
    root  /var/www/html;
    server_name example.com;

    location /ws-random-path {
        proxy_redirect off;
        proxy_pass http://<v2ray-server-url>:<v2ray-server-port>;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $http_host;
        # Show real IP if you enable V2Ray access log
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_ssl_certificate     /etc/letsencrypt/live/example.com/fullchain.pem;
        proxy_ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    }

    location / {
       index index.htm index.html;
       autoindex on;
    }


    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

Replace example.com with your domain name, and replace v2ray-server-url and v2ray-server-port with your V2Ray server inbound IP and port.

I used certbot to activate a trusted Let's Encrypt SSL Certificate.

Score:-1

This simply won't work, because the gist you're referencing operates via an encrypted connection, and you are using plain HTTP here. Regardless of what the current issue you're facing is, this won't help you bypass the Iranian state firewall.

Stop reinventing the wheel.

Farhood ET
I want to relay an already encrypted connection. I don't want my proxy to act as a middleman and talk to both nodes, just as a transporter. Is this possible using nginx proxies?
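
The transport-only relay asked about in the last comment can be expressed with NGINX's stream module, which forwards TCP bytes without terminating TLS, so the relay holds no certificate or private key and cannot read the traffic. This is an added example, not part of the thread; UPSTREAM_HOST is a placeholder, and the discard target 127.0.0.1:9 assumes nothing listens on that port.

```nginx
# Added example, not from the thread.
# Place at the top level of nginx.conf, outside any http {} block.
# Requires NGINX built with the stream module and ngx_stream_ssl_preread_module.
stream {
    # Needed only if UPSTREAM_HOST is a hostname rather than an IP address.
    resolver 1.1.1.1;

    # Relay only TLS sessions whose SNI is the expected name.
    # Anything else is sent to a local port with no listener and fails to connect.
    map $ssl_preread_server_name $relay_upstream {
        MY_DOMAIN.COM   UPSTREAM_HOST:443;   # placeholder upstream
        default         127.0.0.1:9;         # assumption: nothing listens here
    }

    server {
        listen 443;                  # plain TCP listener: no "ssl", no certificate
        ssl_preread on;              # read SNI from the ClientHello without decrypting
        proxy_pass $relay_upstream;  # bytes are forwarded unchanged in both directions
        proxy_connect_timeout 5s;
        proxy_timeout 10m;           # idle timeout for long-lived tunnels
    }
}
```

Because nothing is decrypted at this layer, HTTP directives such as proxy_set_header and proxy_redirect do not apply, and the upstream sees the relay's IP address as the client.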