Lxd bridge expose to lan nginx

ilpepe4 · October 22, 2018, 6:37pm

Hi,
I have a computer that also functions as server (for now).
I’m using lxd containers for webservers.

I would like to connect to the containers on computer on my home network, but also from the computer/server.

I have good experiences with macvlan to expose the containers to the network.
However you can’t connect to the container from the server.

So I setup a fan bridge. Containers have ip adress 240.93.0.XXX and are online.
I would like to use Nginx as proxy the webservers of the containers to certain weblocations. Nginx is installed on the host.

Is this even possible?
I’m using

server {
  listen 80;
  #server_name mydomain.com;
    location /test/ {
      access_log off;
      proxy_pass http://240.93.0.27;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header Host $host;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

as a virtualhost in the host nginx.

Browsing to that ip in firefox simply works (I see the right webpage).

Any help? is this even possible?

varad · October 22, 2018, 11:48pm

Try changing from :

proxy_pass http://240.93.0.27;

to

proxy_pass http://240.93.0.27:80;

Try visiting mydomain.com/test/ or
http://[your host ip here]/test/
if you see the page, that worked.

Point to note : make sure that there is something listening inside the container on port 80 ( For example nginx or apache). As you didn’t mention what port, the proxy_pass isn’t working.

I didn’t quiet understand what you mean by this :

I have a similar setup where I use upstream to proxy traffic from my host to the containers.
You can setup proxy rules to pass ssh traffic on different ports of your host ip to the containers to access them using iptables. (Maybe adding a device proxy as well, but I haven’t tried proxying ssh into containers using the proxy settings mentioned here

ilpepe4 · October 23, 2018, 8:12pm

Thanks. Somehow I can’t get this to work.

ip host 192.168.1.93
ip container 240.93.0.27

lxd: ubuntu 18:04
nginx.

from host:

curl 240.93.0.27

<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
container test
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

so works and is serving webage

on host:

/etc/nginx/sites-enables

1 file: default

added this to the server block

    location /test/ {
      access_log off;
      proxy_pass http://240.93.0.27:80;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header Host $host;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

systemctl restart nginx

to reload config

on host:

curl 193.168.1.93

<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
host
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

curl 192.168.1.93/test

<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx/1.14.0 (Ubuntu)</center>
</body>
</html>

curl 192.168.1.93/test/

<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.14.0 (Ubuntu)</center>
</body>
</html>

what am i doing wrong?

ilpepe4 · October 23, 2018, 8:30pm

Hi
found it…
Seems nginx is really ‘slash’ sensitive:

        location /test/ {
                access_log off;
                proxy_pass http://240.93.0.27:80/;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header Host $host;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }

slash (end of the url) is important to get it to work…