I need a forward TCP proxy for LDAP-service db.debian.org:389. This is public LDAP. I use Nginx for it.
Here is the Nginx config:
    stream {
        server {
            listen 389;
            proxy_pass db.debian.org:389;
        }
    }
Nginx opens TCP port 389 on localhost:

    nc -zv localhost 389
    Connection to localhost (127.0.0.1) 389 port [tcp/*] succeeded!

However, the LDAP service does not work on localhost:389:

    ldapsearch -x -H ldap://localhost -x -b 'gid=slyon,ou=users,dc=debian,dc=org' -v -d8
    ldap_initialize( ldap://localhost:389/??base )
    ber_get_next failed, errno=0.
    ldap_result: Can't contact LDAP server (-1)

Why? How to proxy LDAP requests?
The whole Nginx configuration must have the sections http{}, stream{} and events{} at the same level.
The file nginx.conf must be in /etc/nginx/nginx.conf
It should look like this (this is unprivileged Nginx):

    worker_processes auto;
    error_log /var/log/nginx/error.log notice;
    pid /tmp/nginx.pid;

    events {
        worker_connections 1024;
    }

    http {
        proxy_temp_path /tmp/proxy_temp;
        client_body_temp_path /tmp/client_temp;
        fastcgi_temp_path /tmp/fastcgi_temp;
        uwsgi_temp_path /tmp/uwsgi_temp;
        scgi_temp_path /tmp/scgi_temp;
        include /etc/nginx/mime.types;
        default_type application/octet-stream;
        log_format main '{"time": "$time_iso8601",...}';
        access_log /var/log/nginx/access.log main;
        sendfile on;
        #tcp_nopush on;
        keepalive_timeout 65;
        #gzip on;
        include /etc/nginx/conf.d/*.conf;
        server {
            listen 8080;
            location / {
                root /usr/share/nginx/html;
                index index.html;
            }
        }
    }

    stream {
        log_format upstream_log '{"time": "$time_iso8601",...}';
        server {
            listen 389;
            proxy_pass db.debian.org:389;
            access_log /var/log/nginx/access.log upstream_log;
        }
    }
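
The layout rule in the answer above (stream{} at the same level as http{} and events{}) can be checked mechanically. The following is an added example, not code from the question or the answer: a small Python scanner that reports the parent of every block and treats braces inside quoted strings, such as the JSON log_format value, as text. The function names and both sample configs are constructed for illustration, and include directives are not followed.

```python
import re

# Token order matters: quoted strings first, so braces inside them are not structure.
TOKEN = re.compile(r"""'(?:\\.|[^'\\])*'|"(?:\\.|[^"\\])*"|[{};]|#[^\n]*|[^\s{};]+""")

def block_contexts(conf_text):
    """Return (block_name, parent_path) for every block, in file order."""
    found, stack, words = [], [], []
    for tok in TOKEN.findall(conf_text):
        if tok.startswith("#"):          # comment: ignore to end of line
            continue
        if tok == "{":                   # first word of the directive names the block
            name = words[0] if words else "?"
            found.append((name, "/".join(stack) or "main"))
            stack.append(name)
            words = []
        elif tok == "}":
            if not stack:
                raise ValueError("unbalanced '}'")
            stack.pop()
            words = []
        elif tok == ";":                 # end of a simple directive
            words = []
        else:
            words.append(tok)
    if stack:
        raise ValueError("unclosed block: " + "/".join(stack))
    return found

def misplaced_stream_blocks(conf_text):
    """Parents of every stream{} block that is not at the top (main) level."""
    return [p for name, p in block_contexts(conf_text) if name == "stream" and p != "main"]

# Constructed samples, shortened from the layout shown in the answer.
STREAM = """stream {
    log_format upstream_log '{"time": "$time_iso8601",...}';
    server { listen 389; proxy_pass db.debian.org:389; }
}
"""
GOOD = "events { worker_connections 1024; }\nhttp { server { listen 8080; } }\n" + STREAM
BAD = "events { worker_connections 1024; }\nhttp {\n" + STREAM + "}\n"

if __name__ == "__main__":
    for label, text in (("GOOD", GOOD), ("BAD", BAD)):
        print(label, misplaced_stream_blocks(text) or "stream{} is top-level")
```
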