I'm using X-Sendfile=X-Accel-Redirect with an internal location so one application (app1) can handle authentication/authorization for another application (app2). Apache handles the SSL and proxies to Nginx via HTTP. Nginx proxies to app1 via HTTP. Nginx is configured to proxy to app2 via HTTP, but the request is always HTTPS and times out because app2 doesn't accept HTTPS. When I connect to Nginx directly via HTTP, Nginx uses HTTP to proxy to app2. This isn't an issue in my testing environment where Apache does not use SSL.
# Apache
<VirtualHost *:80>
Redirect 301 / https://server
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
# other SSL settings omitted
ProxyPass /app2 http://localhost:9070/app2 # nginx
ProxyPassReverse /app2 http://localhost:9070/app2
ProxyPassReverse / https://localhost:9070/ # sometimes response Location headers have https
ProxyPass / http://localhost:9105/ # app1 (direct)
ProxyPassReverse / http://localhost:9105/
</VirtualHost>
# Nginx
http {
server {
listen 9070;
location /app2/ {
proxy_set_header X-Forwarded-Server $host:$server_port;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Sendfile X-Accel-Redirect;
proxy_pass http://127.0.0.1:9105/app2/; # app1's route for handling app2's access
}
location @app2 {
internal;
set $stored_real_path $upstream_http_x_real_location; # X-Real-Location is the path after /app2/
proxy_pass http://127.0.0.1:9106/$stored_real_path; # app2
}
}
}
