Join Log in
Score:0
Nasser Afarin avatar Server

Nginx reverse proxy behind squid proxy

th flag
Nasser Afarin

I have to create a reverse proxy for my internal services to call third party service. some of our third party service providers has a squid or any http proxy with authentication to reach out their services.

For simulation I create a reversproxy with name "reverseproxy" that expose port 85, we expect if customer browse http://localhost:85/httpsbin2/api/get then all traffic sent to https://httpbin.org/get throw an sqid proxy that we named it "squidproxy" and receive the response. docker-compose dile and nginx config file below

docker-compose.yml

version: '2'

networks:
  isb-network:
      driver: bridge
  no-internet:
    driver: bridge
    internal: true
services: 
  reverseperoxy:
    image: nginx
    container_name: reverseproxy
    volumes:    
      - ./nginx/conf.d:/etc/nginx/conf.d/
      - ./nginx/log:/var/log/nginx
    networks:
      - isb-network
    ports:
      - '85:80'

  squidproxy:
    image: robhaswell/squid-authenticated
    container_name: squidproxy
    environment:
      - SQUID_USERNAME=foo
      - SQUID_PASSWORD=bar
    networks:
      - isb-network
    ports:
      - '3128:3128'
    volumes:
      - ./squid/squid.conf:/etc/squid/squid.conf
      - ./squid/passwords:/etc/squid/passwords
      - ./squid/logs:/usr/local/squid/var/logs

and nginx config file

default.conf

server {
    listen       80;
    listen  [::]:80;
    server_name  localhost reverseproxy httpbin2.org "";
    
    rewrite_log on;
    #access_log  /var/log/nginx/host.access.log  main;

    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
    }

    location /httpsbin/api/ {# only for test, this section work 
      proxy_pass https://httpbin.org/;
    }

    location /httpsbin2/api/ {# we have problem here 
        proxy_pass http://squidproxy:3128/;
        proxy_set_header Host httpbin.org;
        proxy_set_header X-Forwarded-For httpbin.org;
        proxy_set_header Authorization "Basic Zm9vOmJhcg==";
        proxy_redirect http://localhost:85/httpsbin2/api http://httpbin.org;
    }
}

I test squid proxy with my browser and it works fine and i think the problem is with Nginx config

Problem: when I call http://localhost:85/httpsbin2/api/get it redirected to squid but squid received only /get not http://httpbin.org/get and I see below error from squid:

Invalid URL

Some aspect of the requested URL is incorrect.

Some possible problems are:

Missing or incorrect access protocol (should be http:// or similar)

Missing hostname

Illegal double-escape in the URL-Path

Illegal character in hostname; underscores are not allowed.

479
0 + 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.