Search code examples
sslnginxreverse-proxyrundeck

Rundeck behind and SSL Proxy

I am currently trying to set up an environment with Rundeck running behind and nginx reverse ssl proxy. I found different tutorials online for this scenario but none of those worked for me. I am working in an linux environment where both rundeck and nginx run on. My nginx configuration file for rundeck loooks like this:

server {
        access_log   /var/log/nginx/rundeck.access.log  main;


        listen 443;
        listen       [::]:443;
        ssl    on;
        ssl_certificate    /etc/nginx/conf.d/cert.crt;
        ssl_certificate_key    /etc/nginx/conf.d/key.rsa;

        location / {
          proxy_pass http://localhost:4440/;
          proxy_set_header        Host            $host;
          proxy_set_header        X-Real-IP       $remote_addr;
          proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_set_header X-Ssl on;
}

        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }

Furthermore I configured those parameters in rundeck: framework.server.url = https://localhost:4440 and grails.serverURL=https://lde71d6p.de.top.com:443 I tried different combinations with https or only http, without port and with port. None of them works properly.

With the current configuration I get the following error situation. If i try to call http://hostname.top.com -> Connection Error (seems fine because port 80 isn't handled by nginx) https://hostname.top.com -> gets a 302 and is redirected to http://hostname.top.com/user/login;jsessionid=xxxxxxx and than gets an connection error. https://hostname.top.com/user/login gets me straight to the login interface of rundeck. All fine.

Can anyone help me please to resolve the error situations I mentioned first?

Kind Regards,

Max

Solution

  • The reason behind your error

    Error-1: listen 443 your server isn't listen on port 80, to fix it add listen 80; in your config.

    Error-2: location / { proxy_pass http://localhost:4440/; which redirect requests to 4440, getting error code 302.

    Error-3 & 4: Wrong proxy config.

    Please use below config to resolve your issue.

    server {

listen 80;

server_name <hostname>;

location / {

    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $host;

    proxy_redirect http://localhost:4440/ /;

    proxy_pass http://localhost:4440/;
    }

 }