mirror of
https://github.com/fatedier/frp.git
synced 2026-05-15 08:05:49 -06:00
[GH-ISSUE #2804] Wildcard for http Services #2243
Labels
No labels
In Progress
WIP
WaitingForInfo
bug
doc
duplicate
easy
enhancement
future
help wanted
invalid
lifecycle/stale
need-issue-template
need-usage-help
no plan
proposal
pull-request
question
todo
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference: github-starred/frp#2243
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @alturismo on GitHub (Feb 18, 2022).
Original GitHub issue: https://github.com/fatedier/frp/issues/2804
Describe the feature request
use wildcard subdomain in terms FRP is ahead of a nginx reverse proxy webserver
or may this is not the real usecase as FRP is already a RP by itself, i also struggle with the forward ip ... but this would be my next step in terms wildcard is possible/implemented.
Describe alternatives you've considered
use tcp instead http/s, but then the real ip forwarding seems to be impossible, and as there are rules on the nginx server for geo blocking, fail2ban, ... would be nice ;)
Affected area
@fatedier commented on GitHub (Feb 18, 2022):
You can use custom domains instead of studomain.
@alturismo commented on GitHub (Feb 18, 2022):
then i prolly missunderstand the configuration
i remove the subdomain host from frps.ini and start only with http and https vhost setting
now i set in frpc.ini
[https]
type = https
local_ip = 192.168.1.83 ## my nginx reverse proxy listening on subdomains like app1.my-domain.de, app2.my-domain.de
local_port = 443
remote_port = 443
custom_domains = my-domain.de
#proxy_protocol_version = v2
when i now try to reach app1.my-domain.de it doesnt work, so i assume i missunderstand the config
@fatedier commented on GitHub (Feb 18, 2022):
custom_domains = my-domain.de->custom_domains = *.my-domain.de@alturismo commented on GitHub (Feb 18, 2022):
no idea what i did before, but yes, that now worked, thanks alot ;)
for the issue with
proxy_protocol_version = v1, v2, ...
shell i rather open another issue ?
@fatedier commented on GitHub (Feb 18, 2022):
What's your problem about proxy protocol?
@alturismo commented on GitHub (Feb 18, 2022):
as soon as i set proxy_protocol_version = v1 or v2, no more connection to nginx is possible.
i interpreted the proxy_protocol_version is to forward the x-real ip from the client to the frpc destination, in my term its a nginx server.
i also dont get any real errors in the real time logging from frps or frpc, sample
i end up with this in the browser, no connection due
ERR_SSL_PROTOCOL_ERROR
from frps log (source ip redone)
2022/02/18 11:40:09 [I] [proxy.go:179] [0a6137ada86241af] [https] get a user connection [12.13.14.15:33175]
@alturismo commented on GitHub (Feb 18, 2022):
and this is from the nginx access log (local server), whils 192.168.1.200 is where currently frpc is running on, so also not forwarding the x-real ip to nginx anyhow and overall not working as described one above.
192.168.1.200 - - [18/Feb/2022:11:40:01 +0100] "\x00" 400 150 "-" "-"
192.168.1.200 - - [18/Feb/2022:11:40:09 +0100] "\x00" 400 150 "-" "-"
192.168.1.200 - - [18/Feb/2022:11:40:09 +0100] "\x00" 400 150 "-" "-"
192.168.1.200 - - [18/Feb/2022:11:41:06 +0100] "\x00" 400 150 "-" "-"
192.168.1.200 - - [18/Feb/2022:11:41:06 +0100] "\x00" 400 150 "-" "-"
for any Tipps what i may did wrong, thanks ahead
@alturismo commented on GitHub (Feb 18, 2022):
or is this not possible in this usecase, www client -> FRPS -> FRPC -> Nginx Reverse Proxy -> Services (app1, app2, app3, ...) to use the real ip mode.
Reason im looking into this, currently tested the ssh reverse tunnel but there its not possible to forward the www client ip to the nginx Server, and as there should be some protection left like geo blocking, fail2ban, ... this is obsolete without real ip forwarding.
@fatedier commented on GitHub (Feb 18, 2022):
You should update your nginx config to identify proxy protocol.
@alturismo commented on GitHub (Feb 18, 2022):
thanks for the hint, now only left howto get xreal ip with the proxy protocol ;)
i have to watch as the FRP solution here is meant as fallback solution, so i dont want to loose xreal ip in "normal" usage.
thanks again for your help
@alturismo commented on GitHub (Feb 18, 2022):
can be closed for the Topic Question, wildcard is working as expected, i give up on the project with real ip forwarding, i followed the nginx tut but i stay on local server as source ip in all apps
https://docs.nginx.com/nginx/admin-guide/load-balancer/using-proxy-protocol/#:~:text=To%20configure%20NGINX%20to%20accept,%3B%20%23...%20%7D%20%7D
thanks again, if i wouldnt resist on x real ip it would be the perfect solution ;) but seems it doesnt fit in my enviroment or i have some bad setting somewhere ;)
but 👍 for this nice app
@alturismo commented on GitHub (Feb 18, 2022):
ok, after some more digging i figured it and its working ;)
thanks for the pointers, sadly its a only working in a one way solution, either behind nginx directly (withoud mods) OR behind the FRP solution (with nginx mods).
but thats a different story ... ;)
may as note why, i arranged myself a Fallback LTE Internet solution if my cable is failing, so in this situation i switch to mobile network, as its behind NAT i cant connect directly anymore and need a reverse tunnel, which i accomplished with ssl reverse tunneling, now there was the point as ssl reverse has no way to forward client's real ip ... so i started today morning with this and voila, very nice.
thanks again 👍