Logs not coming through Nginx Reverse Proxy (Nginx config issue?)


We have Node.js applications sending logs to a URL which points to my Nginx Reverse Proxy server.

I have the nginx reverse proxy server set up in a docker container and then have a set of containers for Fluentd, ElasticSearch and Kibana which are meant to receive, collect and display these logs. The only ports kept open on the server running these containers, including the nginx reverse proxy, are 8080 (http) and 443 (https).

The logs get generated properly from the application as I have tested and confirmed that. Also, if I do the entire setup without the nginx reverse proxy in the docker container, then it all runs fine.

The same nginx reverse proxy is also being used to proxy other servers and they all are functioning fine.

The only problem seems to be the nginx reverse proxy setting, which isn't able to receive the Node.js application logs, which are in JSON format. However, HTTP and HTTPS requests are going through.

I am using LetsEncrypt to generate SSL certificates automatically and auto-generating this nginx config accordingly.

I have attached my nginx config file here:

# If we receive X-Forwarded-Proto, pass it through; otherwise, pass along the
# scheme used to connect to this server
map $http_x_forwarded_proto $proxy_x_forwarded_proto {
  default $http_x_forwarded_proto;
  ''      $scheme;
}
# If we receive X-Forwarded-Port, pass it through; otherwise, pass along the
# server port the client connected to
map $http_x_forwarded_port $proxy_x_forwarded_port {
  default $http_x_forwarded_port;
  ''      $server_port;
}
# If we receive Upgrade, set Connection to "upgrade"; otherwise, delete any
# Connection header that may have been passed to this server
map $http_upgrade $proxy_connection {
  default upgrade;
  '' close;
}
# Set appropriate X-Forwarded-Ssl header
map $scheme $proxy_x_forwarded_ssl {
  default off;
  https on;
}
gzip_types text/plain text/css application/javascript application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
log_format vhost '$host $remote_addr - $remote_user [$time_local] '
                 '"$request" $status $body_bytes_sent '
                 '"$http_referer" "$http_user_agent"';
access_log off;
# HTTP 1.1 support
proxy_http_version 1.1;
proxy_buffering off;
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $proxy_connection;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $proxy_x_forwarded_proto;
proxy_set_header X-Forwarded-Ssl $proxy_x_forwarded_ssl;
proxy_set_header X-Forwarded-Port $proxy_x_forwarded_port;
proxy_set_header X-Forwarded-Host $host;
# Mitigate httpoxy attack (see README for details)
proxy_set_header Proxy "";
server {
        server_name _; # This is just an invalid value which will never trigger on a real hostname.
        listen 80;
        access_log /var/log/nginx/access.log vhost;
        return 503;
}
upstream <hid_the_name> {
                                ## Can be connect with "reverse-proxy" network
                        # fluentd
                        server 172.21.0.9:24224;
}
server {
        server_name <hid_the_name>;
        listen 80 so_keepalive=1m::10;
        access_log /var/log/nginx/access.log vhost;
        return 301 https://$host$request_uri;
}
server {
        server_name <hid_the_name>;
        listen 443 ssl so_keepalive=1m::10 http2 ;
        access_log /var/log/nginx/access.log vhost;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
        ssl_prefer_server_ciphers on;
        ssl_session_timeout 5m;
        ssl_session_cache shared:SSL:50m;
        ssl_session_tickets off;
        ssl_certificate /etc/nginx/certs/<hid_the_name>.crt;
        ssl_certificate_key /etc/nginx/certs/<hid_the_name>.key;
        ssl_dhparam /etc/nginx/certs/<hid_the_name>.dhparam.pem;
        add_header Strict-Transport-Security "max-age=31536000";
        include /etc/nginx/vhost.d/default;
        location / {
                proxy_pass http://<hid_the_name>;
        }
}
1 Answer

Ankur10 On BEST ANSWER

So this config file was then being called in another nginx config file inside the http block. We can't accept TCP input in that block. So I just had to create another block for stream and then put the necessary details inside that for the TCP connection, and it is all good now.
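
A sketch of the layout the answer describes, added here as an illustration and not taken from the answerer's actual configuration: the TCP listener sits in a top-level `stream` block next to `http`, not inside it. The upstream name `fluentd_forward`, the listen port, the allowed client range and the include path are assumptions; the backend address is the one shown in the question.

```nginx
# nginx.conf (main context). Added illustration; names, port and ranges are assumptions.

# Only needed when stream support is built as a dynamic module:
# load_module modules/ngx_stream_module.so;

events {}

stream {
    # Hypothetical upstream name; the address is the fluentd container from the question.
    upstream fluentd_forward {
        server 172.21.0.9:24224;
    }

    server {
        # Assumed listen port; it must be published on the proxy container
        # and opened on the host, since only 8080 and 443 are open today.
        listen 24224 so_keepalive=1m::10;

        # Constructed example range: only known log senders may connect.
        allow 192.0.2.0/24;
        deny  all;

        proxy_connect_timeout 5s;
        proxy_timeout 10m;          # idle time before a quiet log connection is closed
        proxy_pass fluentd_forward; # raw TCP: no scheme, no HTTP headers, no location blocks
    }
}

http {
    # The generated vhost file from the question stays in this context. Its
    # proxy_set_header, location and "proxy_pass http://..." directives are
    # valid only here and cannot carry a non-HTTP TCP stream.
    include /etc/nginx/conf.d/*.conf;   # assumed include path
}
```

Running `nginx -t` after the change confirms that the `stream` block is accepted at the top level; placing it inside `http` is rejected at configuration load.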