Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!

How to tell nginx to use another proxy to reach destination server ?

Go to solution
pepito
Altocumulus
Altocumulus

‎14-Sep-2022 05:56

Hello.

I create this discussion because of the following problem I'm encountering.

Here is the situation :

  • I have multiple servers which are in a secure network zone
  • I have another server where nginx is installed
  • The NGINX server has access to a remote destination (a gitlab) through a proxy

So the flow is the following : Servers in secure zone --> Server Nginx --> squid-proxy --> an internal gitlab in another network zone.

Is it possible to tell nginx to use this "squid-proxy" to reach the gitlab server, please ?

For the moment, I have this configuration :

 

 

 

 

 

server {
  listen 443 ssl;
  server_name <ALIAS DNS OF NGINX SERVER>;

  ssl_certificate /etc/nginx/certs/mycert.crt;
  ssl_certificate_key /etc/nginx/certs/mykey.key;
  ssl_session_cache shared:SSL:1m;
  ssl_prefer_server_ciphers   on;

  access_log /var/log/nginx/mylog.access.log;
  error_log  /var/log/nginx/mylog.error.log debug;

  location / {
    proxy_pass https://the-gitlab-host:443;
  }
}

 

 

 

 

 

But it does not work. When I try to perform a git command from a server in secure zone, it fails and in the nginx logs I see a timeout, which is normal, because nginx does not use the squid proxy to reach the gitlab server.

Thank you in advance for your help !

Best regards.

Labels:
0 Kudos
1 ACCEPTED SOLUTION

Go to solution
Kevin_Stewart
F5 Employee
F5 Employee

‎15-Sep-2022 07:05

Could you elaborate a bit more?

Servers in secure zone --> Server Nginx --> squid-proxy --> an internal gitlab

Are you suggesting that traffic passing through a reverse proxy (nginx) needs to pass through a forward proxy (squid) to get to an internal resource? And if so, an explicit forward proxy?

 

View solution in original post

0 Kudos
3 REPLIES 3

Go to solution
Kevin_Stewart
F5 Employee
F5 Employee

‎15-Sep-2022 07:05

Could you elaborate a bit more?

Servers in secure zone --> Server Nginx --> squid-proxy --> an internal gitlab

Are you suggesting that traffic passing through a reverse proxy (nginx) needs to pass through a forward proxy (squid) to get to an internal resource? And if so, an explicit forward proxy?

 

0 Kudos

Go to solution
pepito
Altocumulus
Altocumulus

‎28-Oct-2022 07:25

Hello Kevin.

Sorry for the delay of my answer.

Yes, I am using nginx as a reverse proxy.

To reach the gitlab specific destination, it needs to use a forward proxy and I don't know how to configure that. Do you know how to do it ?

Thanks in advance.

0 Kudos

Go to solution
hmi
Nimbostratus
Nimbostratus

‎08-Dec-2022 23:37

I have a similar requirement, the Nginx has to go through a Squid HTTP proxy to access the target destination.

how to configure it?

 

Thank you.

0 Kudos
Copyright © 2023 Khoros, LLC