0

I wanted to access keyrock idm using nginx reverse proxy. But while doing so, nginx is unable to load the css and js files.

    location /idm/{

    proxy_pass           https://keyrock-host:keyrock-port/;
    proxy_set_header   X-Forwarded-Host    $host;
    proxy_set_header    Host                $host;
    proxy_set_header    X-Real-IP            $remote_addr;
    proxy_set_header    X-Forwarded-For        $proxy_add_x_forwarded_for;
    }

I am facing the following issue:

enter image description here

enter image description here

I tried doing somechanges but wasn't successful.

Timshrok
  • 97
  • 1
  • 1
  • 12
  • As I know, Keyrock can't work behind a reverse proxy, so root should be host:port – Dmitrii Mar 23 '19 at 01:03
  • is there any specific reason, as why keyrock cannot perform behind the reverse proxy. or any documentation for reference? – Timshrok Mar 25 '19 at 05:05
  • Sorry, it can work behind a proxy, but you can't use subfolders. You can create a request at GitHub to implement such functionality. I was unavailable to find it in docs, I just grepped source code and found that root is static / – Dmitrii Mar 25 '19 at 09:22
  • Dmitrii can you help me explain what does subfolders mean?? – Timshrok Mar 25 '19 at 10:31
  • Locations:) /test/, root is / – Dmitrii Mar 25 '19 at 10:54
  • oh okay :)) , bdw dmitrii can you help me out with configuring keyrock idm on non-root location like location /keyrock/ with nginx. I have been trying it out, since many days, but unable to load it properly. – Timshrok Mar 26 '19 at 16:11
  • What do you mean? As i mentioned above, u can't use /keyrock/, it must be /. – Dmitrii Mar 26 '19 at 16:54
  • Dmitrii,can you please provide the source code URL which you grepped for static root. Besides, I meant to say that if we can try to have any rewrite rules in nginx conf?? – Timshrok Mar 28 '19 at 05:02
  • https://github.com/ging/fiware-idm/blob/master/routes/web/authenticate.js, like /login. You can try to make a rule for every route, wish you luck. – Dmitrii Mar 28 '19 at 16:14
  • Hi, if you implement it you can of course propose an improvement by a PR. Thanks! – Álvaro Alonso Apr 01 '19 at 07:28

1 Answers1

0

Fiware Management

Idm KeyRock

This is a temporary solution, but it is not a definitive solution. Keyrock does not work properly in subdirectories.

I think you should implement that feature.

location /fiware-idm/ {
    proxy_set_header    X-Forwarded-Host   $host;
    proxy_set_header    Host               $host;
    proxy_set_header    X-Real-IP          $remote_addr;
    proxy_set_header    X-Forwarded-For    $proxy_add_x_forwarded_for;
    rewrite ^/fiware-idm(/.*)$  $1 break;
    
    proxy_pass http://keyrock:3005;
    proxy_redirect / /fiware-idm/;
    sub_filter '="/' '="/fiware-idm/';
    sub_filter '= "/' '= "/fiware-idm/';
    sub_filter '=\'/' '=\'/fiware-idm/';

    sub_filter_once off;
}

location /idm {
    proxy_pass http://keyrock:3005;
    sub_filter_once off;
}

location /img {

    proxy_pass http://keyrock:3005;
    sub_filter_once off;
}
PiRocks
  • 1,708
  • 2
  • 18
  • 29
MRROOX
  • 1