docker-oracle-apex-ords icon indicating copy to clipboard operation
docker-oracle-apex-ords copied to clipboard

Published 20 hours ago verified publisher icon araczkowski

Ords 3.0.9 doesn't accept NGINX reverse proxy

Open lmfmsilva opened this issue 8 years ago • 3 comments

Hi Andrzej,

After some testing I found out that I can't use a NGINX reverse proxy in front of your docker image (strange error regarding CORS after the login page).

I know (because I tested on a different docker image) that ORDS 3.0.2 works just fine behind NGINX. Is it possible that you downgrade you image?

Best regards,

Luís

lmfmsilva avatar Jan 28 '17 23:01 lmfmsilva

Had the same Problem. Apache works fine. Also you can fork this Repo and replace ORDS with another Version. http://www.oracle.com/technetwork/developer-tools/rest-data-services/downloads/ords-downloads-302-2841250.html

jhmk avatar Mar 06 '18 17:03 jhmk

Hi,

try:

location /ords { proxy_pass http://127.0.0.1:8080; proxy_set_header Origin ""; }

  location /i {
        proxy_pass http://127.0.0.1:8080;
          proxy_set_header Origin "";
}

araczkowski avatar Mar 06 '18 18:03 araczkowski

Here is my solution (works only with one running Docker Container):

  • Stop all Services that listen on Port 80 / 443 on your Host (not Docker)

  • get the Container IP Address with docker inspect *CONTAINER*. Should be something like 172.17.0.*

  • Add some Iptable rules (my IP is 172.17.0.2)

sudo iptables -A DOCKER -d 172.17.0.2/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 80 -j ACCEPT

sudo iptables -A DOCKER -d 172.17.0.2/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 443 -j ACCEPT

iptables -t nat -A DOCKER -p tcp --dport 80 -j DNAT --to-destination 172.17.0.2:80

iptables -t nat -A DOCKER -p tcp --dport 443 -j DNAT --to-destination 172.17.0.2:443

  • ssh in the docker and install nginx with the proxy settings from the post above

  • if you like to have SSL use the LetsEncrypt Certbot with DNS validation certbot -d YOURDOMAIN --manual --preferred-challenges dns certonly

Done

Also here is my full nginx config: ` server { listen 80 default_server; listen [::]:80 default_server;

    server_name YOURDOMAIN;

rewrite ^/(.*)$ https://YOURDOMAIN/ords/f?p=10000:LOGIN:::::: ;

}

server { listen 443 default_server; listen [::]:443 default_server;

# rewrite can be changed to your Apex App ID
rewrite ^/$ https://YOURDOMAIN/ords/f?p=10000:LOGIN:::::: redirect;

root /var/www/html;

index index.html;

server_name YOURDOMAIN;

location /i { proxy_pass http://127.0.0.1:8080; proxy_set_header Origin ""; }

location /ords { proxy_pass http://127.0.0.1:8080; proxy_set_header Origin ""; }

location / {
    proxy_pass http://127.0.0.1:8080;
      proxy_set_header Origin "";
	try_files $uri $uri/ =404;
}


    ssl on;
    ssl_certificate /etc/letsencrypt/live/YOURDOMAIN/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/YOURDOMAIN/privkey.pem;

} `

jhmk avatar Mar 13 '18 16:03 jhmk