Hide path to backend with Nginx
I have OpenNMS running on host B-beta with the following URL:
http://b-beta:8980/opennms
I would like to use NginX to hide this path accessible from host a-alpha like this:
https://a-alpha/omber/nms
So I guess what I need is to rewrite requests send to the backend to change the path from /omber/nms to /opennms - but without it being visible to the user - is that something that can be done?
The HTTPS works fine already.
Solution 1:
The first step is to proxy requests from Nginx to your other server. On a-alpha:
location /ombre/nms {
proxy_pass http://b-beta:8980/opennms
}
From here, the remaining configurations are very dependant on the functioning of OpenNMS (which I am not familiar with).
The next part is dealing with redirects. If the requests are coming from the client side (e.g. your forms POST to a URL on b-beta or you have links pointing to b-beta), then you need to resolve those separately from Nginx. Keep in mind that the browser is unaware of the proxy - so it will send requests without modification to the server.
If you look look at the OpenNMS login page (for instance, the live demo). The login form POSTs to opennms/j_spring_security_check
. A successful login results in:
- a 302 redirect to
opennms
, followed by - a 302 redirect to
opennms/frontPage.htm
followed by - a 302 redirect to
opennms/index.jsp
.
Using Nginx, you cannot (easily) change the path the form POSTs to (that is probably an OpenNMS configuration option though), but you can change the redirects that are returned back the browser. There are some directives to consider:
proxy_redirect
: If you need to modify the redirect (i.e. location header) being returned to the browser
proxy_redirect http://b-beta:8980/opennms/ http://a-alpha/ombre/nms/;
This should be equivalent to proxy_redirect default
if contained in the location block above.
rewrite ... break
: If you need to modify the path that is being sent to opennms (break means that only the current location block will be processed).
rewrite /ombre/nms/a/(.*) /opennms/b/$1 break;
proxy_set_header
: if you need to modify some of the headers being sent to the backend.
By default, Nginx will set the Host header to $proxy_host
. If you setup OpenNMS on b-beta to act as if it was running on a-alpha (e.g. tell it that the domain is that of a-alpha, setup server blocks matching a-alpha, etc) then you will need to pass the Host header as it is received by a-alpha instead of letting Nginx modify it:
proxy_set_header Host $host;