How to configure nginx proxypass?

Good afternoon everyone.A web server in the local network was accessible from the outside via port forwarding (pfsense is also) TCP 80, 443, 4055. When you log into the web interface and enter the login and password has opened a "web phone". There is a need for an external address have access to different machines by dns name on 80 and 443 ports. We decided to use nginx as a reverse proxy (maybe there are easier solutions) with a basis for possible future load balancing according to some sites. Address 192.168.1.2 Changed nginx forwarding 80 and 443 port to 192.168.1.2 In your nginx configuration ordered (here only the part related to this server, the rest are set up by analogy)

server {
listen 443 ssl;
server_name DOMAIN.NAME.SERVER;
ssl_certificate /etc/ssl/certs/fullchain.pem;
ssl_certificate_key /etc/ssl/private/0000_key-certbot.pem;
ssl_protocols TLSv1 TLSv1.1 TLSV1.2;
access_log /var/log/nginx/proxy.log;
location / {
proxy_pass https://192.168.1.1:443;
}
}
server {
listen 80;
server_name DOMAIN.NAME.SERVER;
access_log /var/log/nginx/oktell_proxy.log;
location / {
proxy_pass http://192.168.1.1;
}
}

Now the web server interface accessible from the outside by dns name (and other servers), but after entering a username and password error occurs. I do not understand what the problem is and generally where it is. I will be glad to hear any comments and tips experienced people on the current setup (may need to change), as well as to see links to articles for setting up similar configurations. Thank you all in advance.
June 27th 19 at 15:34
2 answers
June 27th 19 at 15:36
Solution
here such error was in the front

VM197:37 WebSocket connection to 'ws://oktell.ooossa.ru/' failed: Error during WebSocket handshake: Unexpected response code: 200

as you can see, the site uses web socket, therefore you need to add a couple of directives in the config

proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";

now works
June 27th 19 at 15:38
Add in location /
proxy_set_header Host $Host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;

And see what error logs nginx
And yet, the port is https clean. It there once.
176.121.35.37 - - [10/Apr/2017:10:05:32 +0700] "GET /bower_components/angular-i18n/angular-locale_ru.js HTTP/1.1" 304 0 "https://доменное.имя.сервера/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36"
176.121.35.37 - - [10/Apr/2017:10:05:33 +0700] "GET /img/logo_big.png HTTP/1.1" 304 0 "https://доменное.имя.сервера/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36"
176.121.35.37 - - [10/Apr/2017:10:05:33 +0700] "GET /img/icons/flags.png HTTP/1.1" 304 0 "https://доменное.имя.сервера/styles/main.css?14665..." "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36"
176.121.35.37 - - [10/Apr/2017:10:05:36 +0700] "GET / HTTP/1.1" 200 4922 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36"
176.121.35.37 - - [10/Apr/2017:10:05:41 +0700] "GET / HTTP/1.1" 200 4922 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36" - beatrice_Breitenberg78 commented on June 27th 19 at 15:41

Find more questions by tags Nginx