semaphore
semaphore copied to clipboard
semaphoreui
NGINX config update
Hello! https://docs.ansible-semaphore.com/administration-guide/security Update NGINX config, please It doesn't work
Also a useful tool for Nginx config https://www.digitalocean.com/community/tools/nginx
Hi,
Working config
In config.json set web_host to /semaphore
In nginx config
location /semaphore {
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_buffering off;
proxy_request_buffering off;
proxy_pass http://127.0.0.1:3000$request_uri;
}
location /semaphore/api/ws {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Origin "";
proxy_pass http://127.0.0.1:3000$request_uri;
}
Hi,
In
config.jsonsetweb_hostto/semaphoreIn nginx config
location /semaphore { proxy_set_header Host $http_host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Real-IP $remote_addr; proxy_buffering off; proxy_request_buffering off; proxy_pass http://127.0.0.1:3000$request_uri; } location /semaphore/api/ws { proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Origin ""; proxy_pass http://127.0.0.1:3000$request_uri; }
Is that configuration not working?
I think you can use:
proxy_pass http://127.0.0.1:3000;
Need documenting how to put project into nginx subdirectory.
I'm seeing weird websocket behavior. Backend just closes the connection.
here is error.log:
2023/01/06 16:33:15 [error] 9787#9787: *117 connect() failed (111: Connection refused) while connecting to upstream, client: 83.XX.YY.ZZ, server: semaphore.tmp.domain.name, request: "GET /semaphore/api/ws HTTP/1.1", upstream: "http://127.0.0.1:3000/semaphore/api/ws", host: "semaphore.tmp.domain.name"
I use the official image and docker-compose:
version: "3.3"
services:
semaphore:
ports:
- "127.0.0.1:3000:3000"
image: semaphoreui/semaphore:v2.8.69
environment:
SEMAPHORE_DB_DIALECT: mysql
SEMAPHORE_DB_HOST: host.docker.internal
SEMAPHORE_DB_PORT: 3306
SEMAPHORE_DB_NAME: semaphore
SEMAPHORE_DB_USER: semaphoreuser
SEMAPHORE_DB_PASS: xxxdbpass
SEMAPHORE_ADMIN_PASSWORD: xxadminpass
SEMAPHORE_ADMIN_NAME: admin
SEMAPHORE_ADMIN_EMAIL: [email protected]
SEMAPHORE_ADMIN: admin
SEMAPHORE_PLAYBOOK_PATH: /opt/ansible/
SEMAPHORE_TMP_PATH: /tmp/
SEMAPHORE_WEB_ROOT: https://semaphore.tmp.domain.name/semaphore/
volumes:
- ./home:/etc/semaphore # config.json location
- ./projects:/opt/ansible/
extra_hosts:
- "host.docker.internal:host-gateway
nginx config also simple:
...
upstream semaphore {
server 127.0.0.1:3000;
}
...
server {
...
location /semaphore/ {
proxy_pass http://semaphore/;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering off;
proxy_request_buffering off;
}
location /semaphore/api/ws {
proxy_pass http://semaphore$request_uri;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Origin "";
proxy_buffering off;
proxy_request_buffering off;
}
}
If I move Semaphore to root and change the SEMAPHORE_WEB_ROOT to empty, everything works. Of course, without using nginx, everything also works.
It is absolutely impossible to set a variable web_host to empty or /semaphore.
This blocks the normal loading of the https site.
As a workaround, I can offer a dedicated subdomain, but this situation does not suit me.
Hi @pavlozt , I am having the same problem, did you ever find a solution?
@TapuzTeam , no, I just used a semaphore on a subdomain.
I see a number of changes in the api/router.go file since then times. Have you tried the new versions?