Use Redirect app to redirect to another Yunohost Server on the same network? (Nginx Reverse Proxy basically)

Support
,
1

Yunohost 11.2.4
Running on Lenovo Mystery PC

I’m running a Yunohost server on a Lenovo thin client. I want to install some resource-heavy apps on another identical server to spread the load a bit. However, I’m having trouble forwarding to the second server. 80 and 443 are going to my primary yuno1 server, and I attempted forwarding to a second instance using the reverse proxy through the “redirect” app with its own domain.

However, it fails with “too many redirects.” I tried setting the yuno2 yunohost server’s main domain to both the dedicated domain and to its local IP address. No luck. Here is the default config:

map $http_upgrade $connection_upgrade {
    default upgrade;
    ''      close;
}

server {
    listen 80;
    listen [::]:80;
    server_name yuno2.mydomain.com xmpp-upload.yuno2.mydomain.com muc.yuno2.mydomain.com;

    access_by_lua_file /usr/share/ssowat/access.lua;

    include /etc/nginx/conf.d/acme-challenge.conf.inc;

    location ^~ '/.well-known/ynh-diagnosis/' {
        alias /var/www/.well-known/ynh-diagnosis/;
    }

    
    location ^~ '/.well-known/autoconfig/mail/' {
        alias /var/www/.well-known/yuno2.mydomain.com/autoconfig/mail/;
    }
    

    
    
    location / {
        return 301 https://$host$request_uri;
    }
    
    

    include /etc/nginx/conf.d/yunohost_http_errors.conf.inc;

    access_log /var/log/nginx/yuno2.mydomain.com-access.log;
    error_log /var/log/nginx/yuno2.mydomain.com-error.log;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name yuno2.mydomain.com;

    include /etc/nginx/conf.d/security.conf.inc;

    ssl_certificate /etc/yunohost/certs/yuno2.mydomain.com/crt.pem;
    ssl_certificate_key /etc/yunohost/certs/yuno2.mydomain.com/key.pem;

    
    

    
    location ^~ '/.well-known/autoconfig/mail/' {
        alias /var/www/.well-known/yuno2.mydomain.com/autoconfig/mail/;
    }
    

    access_by_lua_file /usr/share/ssowat/access.lua;

    include /etc/nginx/conf.d/yuno2.mydomain.com.d/*.conf;

    include /etc/nginx/conf.d/yunohost_sso.conf.inc;
    include /etc/nginx/conf.d/yunohost_admin.conf.inc;
    include /etc/nginx/conf.d/yunohost_api.conf.inc;
    include /etc/nginx/conf.d/yunohost_http_errors.conf.inc;

    access_log /var/log/nginx/yuno2.mydomain.com-access.log;
    error_log /var/log/nginx/yuno2.mydomain.com-error.log;
}


# vhost dedicated to XMPP http_upload
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name xmpp-upload.yuno2.mydomain.com;
    root /dev/null;

    location /upload/ {
        alias /var/xmpp-upload/yuno2.mydomain.com/upload/;
        # Pass all requests to metronome, except for GET and HEAD requests.
        limit_except GET HEAD {
          proxy_pass http://localhost:5290;
        }

        include proxy_params;
        add_header 'Access-Control-Allow-Origin' '*';
        add_header 'Access-Control-Allow-Methods' 'HEAD, GET, PUT, OPTIONS';
        add_header 'Access-Control-Allow-Headers' 'Authorization';
        add_header 'Access-Control-Allow-Credentials' 'true';
        client_max_body_size 105M; # Choose a value a bit higher than the max upload configured in XMPP server
    }

    include /etc/nginx/conf.d/security.conf.inc;

    ssl_certificate /etc/yunohost/certs/yuno2.mydomain.com/crt.pem;
    ssl_certificate_key /etc/yunohost/certs/yuno2.mydomain.com/key.pem;

    
    

    access_log /var/log/nginx/xmpp-upload.yuno2.mydomain.com-access.log;
    error_log /var/log/nginx/xmpp-upload.yuno2.mydomain.com-error.log;
}

How can I (if at all) edit this to work like that?

2

I also attempted to follow this suggestion by kanhu on https://forum.yunohost.org/t/how-to-have-two-yunohosts-servers-at-home/321/6:

  1. Go to the /etc/nginx/conf.d/proxy.domain.tld.d and create a file proxy.conf. Add the following code with your own second server ip:
 location /  {
  proxy_pass https://192.168.0.100;  #ip address of the other server(needs to be static)
  proxy_set_header Host $host;
  
  #Force https
  if ($scheme = http) {
     rewrite ^ https://$server_name$request_uri? permanent;
      }

  proxy_buffering off;
  tcp_nodelay on;

 }
  1. Restart the nginx:service nginx restart

Note:- You will have to login to the YunoHost page to get the access to the proxy page. If you need to bypass it, add the proxy.domain.tld to the skipped_urls under /etc/ssowat/conf.json.persistent .

"skipped_urls": [
  "proxy.domain.tld"
]

But after doing that, when I go to the second server’s url yuno2.mydomain.com it still asks me to log in to my primary yunohost server and then simply redirects to the main domain of the first server (yunohost.mydomain.com)

1 Like
3

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.