I am running Percona Monitoring and Managent (“PMM”) as a service for my fellow colleagues so they can monitor their databases.
PMM runs as a container on a virtual machine, listening on port 8080.
On the same virtual machine runs another nginx webserver as a reverse proxy for the container. The configuration looks like this:
server {
listen 443 ssl http2;
server_name pmm.internal;
location / {
grpc_pass grpcs://172.29.0.108:8080;
grpc_ssl_verify off;
}
}
Now this worked if I opened https://pmm.internal/graph. However If I opened https://pmm.internal (without the “graph” path), I was redirected to https://172.29.0.108:8080/graph instead of https://pmm.internal/graph.
The nginx webserver inside the container has the following rewrite:
rewrite ^/$ $scheme://$http_host/graph/
The http_host variable is derived from the Host-Header. So because of the reverse proxy the Host-Header was wrong and I had to explicitly set the header in the location to the correct domain:
server {
location / {
grpc_pass grpcs://172.29.0.108:8080;
grpc_ssl_verify off;
grpc_set_header Host pmm.internal.mms-support.de;
}
}
This works. :)