Search code examples
nginxasp.net-corereverse-proxykestrel

Why nginx's proxy_pass does not direct to asp.net core app?


I am deploying an angular app with asp.net core 2.2 api to Ubuntu 18.10 using nginx. With the following nginx configuration in the default file I get the client app working ok, but the api app cannot be found. Nginx returns 400 code.

While when I'm checking it locally with curl, it responds:

enter image description here

But when I'm checking from the outside (curl -v myapp.net/api/user/get) the response is:

enter image description here

/etc/nginx/sites-available/default

server {
    root /var/www/html;

    index index.html index.htm index.nginx-debian.html;

    server_name myapp.net www.myapp.net;

        # where the client app
    location / {
        rewrite ^/(.*) /$1 break;
        proxy_pass http://127.0.0.1:444;
        proxy_set_header Host $host;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection keep-alive;
        proxy_set_header Host $http_host;
        proxy_cache_bypass $http_upgrade;
    }

        # where the api app
    location /api/ {
        proxy_pass http://127.0.0.1:555/;
        proxy_set_header Host $host;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection keep-alive;
        proxy_set_header Host $http_host;
        proxy_cache_bypass $http_upgrade;
        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header   X-Forwarded-Proto $scheme;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/myapp.net/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/myapp.net/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot 

}

server {
    if ($host = myapp.net) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = www.myapp.net) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    listen 80 default_server;
    listen [::]:80 default_server;

    server_name myapp.net www.myapp.net;
    return 404; # managed by Certbot
}

There's also Let's Encrypt certificate installed which seems to work okay.

The error.log contents:

2019/04/20 14:46:17 [debug] 6311#6311: accept on 0.0.0.0:80, ready: 0
2019/04/20 14:46:17 [debug] 6311#6311: posix_memalign: 000055A547F0BF40:512 @16
2019/04/20 14:46:17 [debug] 6311#6311: *11 accept: 178.128.x.x:44294 fd:3
2019/04/20 14:46:17 [debug] 6311#6311: *11 event timer add: 3: 60000:75522395
2019/04/20 14:46:17 [debug] 6311#6311: *11 reusable connection: 1
2019/04/20 14:46:17 [debug] 6311#6311: *11 epoll add event: fd:3 op:1 ev:80002001
2019/04/20 14:46:17 [debug] 6311#6311: *11 http wait request handler
2019/04/20 14:46:17 [debug] 6311#6311: *11 malloc: 000055A547EE91D0:1024
2019/04/20 14:46:17 [debug] 6311#6311: *11 recv: eof:0, avail:1
2019/04/20 14:46:17 [debug] 6311#6311: *11 recv: fd:3 90 of 1024
2019/04/20 14:46:17 [debug] 6311#6311: *11 reusable connection: 0
2019/04/20 14:46:17 [debug] 6311#6311: *11 posix_memalign: 000055A547F08C60:4096 @16
2019/04/20 14:46:17 [debug] 6311#6311: *11 http process request line
2019/04/20 14:46:17 [debug] 6311#6311: *11 http request line: "GET /api/user/get/null HTTP/1.1"
2019/04/20 14:46:17 [debug] 6311#6311: *11 http uri: "/api/user/get/null"
2019/04/20 14:46:17 [debug] 6311#6311: *11 http args: ""
2019/04/20 14:46:17 [debug] 6311#6311: *11 http exten: ""
2019/04/20 14:46:17 [debug] 6311#6311: *11 posix_memalign: 000055A547F33220:4096 @16
2019/04/20 14:46:17 [debug] 6311#6311: *11 http process request header line
2019/04/20 14:46:17 [debug] 6311#6311: *11 http header: "Host: myapp.net"
2019/04/20 14:46:17 [debug] 6311#6311: *11 http header: "User-Agent: curl/7.61.0"
2019/04/20 14:46:17 [debug] 6311#6311: *11 http header: "Accept: */*"
2019/04/20 14:46:17 [debug] 6311#6311: *11 http header done
2019/04/20 14:46:17 [debug] 6311#6311: *11 event timer del: 3: 75522395
2019/04/20 14:46:17 [debug] 6311#6311: *11 generic phase: 0
2019/04/20 14:46:17 [debug] 6311#6311: *11 rewrite phase: 1
2019/04/20 14:46:17 [debug] 6311#6311: *11 http script var
2019/04/20 14:46:17 [debug] 6311#6311: *11 http script var: "myapp.net"
2019/04/20 14:46:17 [debug] 6311#6311: *11 http script value: "myapp.net"
2019/04/20 14:46:17 [debug] 6311#6311: *11 http script equal
2019/04/20 14:46:17 [debug] 6311#6311: *11 http script if
2019/04/20 14:46:17 [debug] 6311#6311: *11 http set discard body
2019/04/20 14:46:17 [debug] 6311#6311: *11 http script copy: "https://"
2019/04/20 14:46:17 [debug] 6311#6311: *11 http script var: "myapp.net"
2019/04/20 14:46:17 [debug] 6311#6311: *11 http script var: "/api/user/get/null"
2019/04/20 14:46:17 [debug] 6311#6311: *11 http finalize request: 301, "/api/user/get/null?" a:1, c:1
2019/04/20 14:46:17 [debug] 6311#6311: *11 http special response: 301, "/api/user/get/null?"
2019/04/20 14:46:17 [debug] 6311#6311: *11 http set discard body
2019/04/20 14:46:17 [debug] 6311#6311: *11 xslt filter header
2019/04/20 14:46:17 [debug] 6311#6311: *11 HTTP/1.1 301 Moved Permanently
Server: nginx/1.15.5 (Ubuntu)
Date: Sat, 20 Apr 2019 14:46:17 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://myapp.net/api/user/get/null

2019/04/20 14:46:17 [debug] 6311#6311: *11 write new buf t:1 f:0 000055A547F33600, pos 000055A547F33600, size: 219 file: 0, size: 0
2019/04/20 14:46:17 [debug] 6311#6311: *11 http write filter: l:0 f:0 s:219
2019/04/20 14:46:17 [debug] 6311#6311: *11 http output filter "/api/user/get/null?"
2019/04/20 14:46:17 [debug] 6311#6311: *11 http copy filter: "/api/user/get/null?"
2019/04/20 14:46:17 [debug] 6311#6311: *11 image filter
2019/04/20 14:46:17 [debug] 6311#6311: *11 xslt filter body
2019/04/20 14:46:17 [debug] 6311#6311: *11 http postpone filter "/api/user/get/null?" 000055A547F09C48
2019/04/20 14:46:17 [debug] 6311#6311: *11 write old buf t:1 f:0 000055A547F33600, pos 000055A547F33600, size: 219 file: 0, size: 0
2019/04/20 14:46:17 [debug] 6311#6311: *11 write new buf t:0 f:0 0000000000000000, pos 000055A547899AE0, size: 116 file: 0, size: 0
2019/04/20 14:46:17 [debug] 6311#6311: *11 write new buf t:0 f:0 0000000000000000, pos 000055A547899DE0, size: 62 file: 0, size: 0
2019/04/20 14:46:17 [debug] 6311#6311: *11 http write filter: l:1 f:0 s:397
2019/04/20 14:46:17 [debug] 6311#6311: *11 http write filter limit 0
2019/04/20 14:46:17 [debug] 6311#6311: *11 writev: 397 of 397
2019/04/20 14:46:17 [debug] 6311#6311: *11 http write filter 0000000000000000
2019/04/20 14:46:17 [debug] 6311#6311: *11 http copy filter: 0 "/api/user/get/null?"
2019/04/20 14:46:17 [debug] 6311#6311: *11 http finalize request: 0, "/api/user/get/null?" a:1, c:1
2019/04/20 14:46:17 [debug] 6311#6311: *11 set http keepalive handler
2019/04/20 14:46:17 [debug] 6311#6311: *11 http close request
2019/04/20 14:46:17 [debug] 6311#6311: *11 http log handler
2019/04/20 14:46:17 [debug] 6311#6311: *11 free: 000055A547F08C60, unused: 8
2019/04/20 14:46:17 [debug] 6311#6311: *11 free: 000055A547F33220, unused: 2553
2019/04/20 14:46:17 [debug] 6311#6311: *11 free: 000055A547EE91D0
2019/04/20 14:46:17 [debug] 6311#6311: *11 hc free: 0000000000000000
2019/04/20 14:46:17 [debug] 6311#6311: *11 hc busy: 0000000000000000 0
2019/04/20 14:46:17 [debug] 6311#6311: *11 tcp_nodelay
2019/04/20 14:46:17 [debug] 6311#6311: *11 reusable connection: 1
2019/04/20 14:46:17 [debug] 6311#6311: *11 event timer add: 3: 65000:75527395
2019/04/20 14:46:17 [debug] 6311#6311: *11 http keepalive handler
2019/04/20 14:46:17 [debug] 6311#6311: *11 malloc: 000055A547EE91D0:1024
2019/04/20 14:46:17 [debug] 6311#6311: *11 recv: eof:1, avail:1
2019/04/20 14:46:17 [debug] 6311#6311: *11 recv: fd:3 0 of 1024
2019/04/20 14:46:17 [info] 6311#6311: *11 client 178.128.x.x closed keepalive connection
2019/04/20 14:46:17 [info] 6311#6311: *11 client 178.128.x.x closed keepalive connection
2019/04/20 14:46:17 [debug] 6311#6311: *11 close http connection: 3
2019/04/20 14:46:17 [debug] 6311#6311: *11 event timer del: 3: 75527395
2019/04/20 14:46:17 [debug] 6311#6311: *11 reusable connection: 0
2019/04/20 14:46:17 [debug] 6311#6311: *11 free: 000055A547EE91D0
2019/04/20 14:46:17 [debug] 6311#6311: *11 free: 000055A547F0BF40, unused: 136

What I have already tried:

  1. playing with slashes in location and proxy_pass;
  2. commenting out include /etc/nginx/sites-enabled/*; in nginx.conf

Solution

  • Your screen shots showed two pieces of important information.

    1. The ASP.NET Core app expects the incoming requests at http://localhost:555, and the Host header should be localhost:555.
    2. Your nginx conf at that time was passing myapp.net as Host header.

    To fix the conf, I suggested you change the Host header to pass to upstream server, and it seems to work.