Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Stream's server_name not taking in regex capture #132

Open
brian-bk opened this issue Sep 6, 2024 · 2 comments
Open

Stream's server_name not taking in regex capture #132

brian-bk opened this issue Sep 6, 2024 · 2 comments
Assignees
@arut
Labels
need more info

Comments

@brian-bk
Copy link

brian-bk commented Sep 6, 2024

Environment

I'm trying everything in a docker-compose environment to keep things simple and repeatable. I've tried this with nginx=1.25.5 and newer.

docker-compose.yaml 
services:
  nginx:
    platform: linux/amd64
    image: "nginx:1.25.5-bookworm"
    command: [nginx-debug, '-g', 'daemon off;']
    ports:
      - "33306:33306"
      - "8080:80"
    volumes:
      - ${PWD}/nginx.conf:/etc/nginx/nginx.conf
  mysql:
    platform: linux/amd64
    image: "mysql:8.0.39-bookworm"
    environment:
      - MYSQL_ROOT_PASSWORD=123456
    ports:
      - '3306:3306'
nginx.conf 
user  nginx;
worker_processes  auto;

error_log  /var/log/nginx/error.log notice;
pid        /var/run/nginx.pid;


events {
    worker_connections  512;
}




http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    # include /etc/nginx/conf.d/*.conf;

}

stream {
    server {
        listen 33306;

        server_name ~^(?<service>.+).local.docker$;

        proxy_pass $service:3306;
    }
}
/etc/hosts 
127.0.0.1 mysql.local.docker

Description

The server_name being added to the streams module, I'm very interested in using it to create a rudimentary dynamic proxy to containerized databases for development environments. However, the regex capture as described in the documentation is not working for me. Perhaps I'm missing some more context about how this is supposed to work, and it might not actually work. 🤷

When I make a request using telnet, mysql, or curl to mysql.local.docker to the stream port 33306, I'm expecting the regex server_name ~^(?<service>.+).local.docker$; to capture the host and route the service to mysql, and I don't see that happening. The connection is not passed through.

nginx configuration

The relevant nginx configuration:

stream {
    server {
        listen 33306;

        server_name ~^(?<service>.+).local.docker$;

        proxy_pass $service:3306;
    }
}

nginx debug log

I can see no $service is captured here when I execute telnet mysql.local.docker 33306. It ends up being the blank string.

nginx-1  | 2024/09/06 22:00:52 [error] 29#29: *1 no host in upstream ":3306", client: 192.168.65.1, server: 0.0.0.0:33306, bytes from/to client:0/0, bytes from/to upstream:0/0

other things

I've tried a few different kind of regex captures, the numbered capture or even a complete capture

        server_name ~^(.+)$;
        proxy_pass $1:3306;

with no luck.
@brian-bk brian-bk added the bug label Sep 6, 2024
@arut
Copy link
Contributor

arut commented Sep 7, 2024

In Stream server name always comes from SSL, which is missing in your configuration. There are two ways to use it:

  • ssl termination; in this case you need to enable ssl in listen
  • ssl_preread; in this case you need to enable ssl_preread in the default server

In HTTP server name may also come from HTTP Host header, but this option is unavailable in Stream for obvious reasons.

@arut arut removed the bug label Sep 7, 2024
@brian-bk
Copy link
Author

Of course, makes a lot of sense! I was wondering if I either needed ssl or to use something with the proxy protocol. I'll try to work on a complete example for succinctness.

@arut arut self-assigned this Sep 19, 2024
@wdj55556 wdj55556 mentioned this issue Sep 27, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@arut arut

Labels
need more info
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@arut @brian-bk @Maryna-f5