I have a functional Boundary infrastructure with a HTTP target to a web service in the cloud. When the app sends a 301, 302, or 303 redirect the ephemeral port gets dropped because the server isn’t listening on that port. For example:
$ curl -v http://127.0.0.1:50727/
* Trying 127.0.0.1:50727...
* Connected to 127.0.0.1 (127.0.0.1) port 50727 (#0)
> GET / HTTP/1.1
> Host: 127.0.0.1:50727
> User-Agent: curl/7.78.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 302 Found
< Date: Fri, 13 Aug 2021 18:56:16 GMT
< Content-Type: text/html;charset=utf-8
< Content-Length: 0
< Connection: keep-alive
< Location: http://127.0.0.1/login
...
< Server: WEBrick/1.4.2 (Ruby/2.5.1/2018-03-29)
...
* Connection #0 to host 127.0.0.1 left intact
I want to use nginx as a reverse proxy to try to resolve this issue but I can’t find a way to preserve the port. Here is what my nginx conf looks like:
upstream app {
server localhost:9292;
}
server {
listen 80;
server_name localhost;
more_clear_headers Server; # hide server details
root /app/public;
try_files $uri/index.html $uri @app;
location @app {
proxy_pass http://app;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
}
error_page 500 502 503 504 /500.html;
client_max_body_size 4G;
keepalive_timeout 10;
}
I’ve tried altering the proxy_set_header like so, to no avail: proxy_set_header Host $host:$server_port;.
I’ve also tried adding the port_in_redirect off; configuration option to no avail.
Does anyone know how I might be able to resolve this issue? I feel like it will be common as folks adopt Boundary and use web or application servers that perform HTTP redirects that drop the ephemeral port.
UPDATE: I created a feature request for this: Location Header Rewriting for HTTP Targets · Issue #1461 · hashicorp/boundary · GitHub