I am using Nginx to proxy pass to my wsgi app served with Circus.
I want to allow the traffic to that app for some urls of the app only for some IP address.
For now it look like this:
server {
listen 80;
server_name service.dev;
access_log /var/log/service.access.log;
error_log /var/log/service.error.log debug;
location / {
try_files $uri @proxy_to_app;
}
location @proxy_to_app {
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://127.0.0.1:9000/;
}
location /admin/ {
allow 192.168.5.0/24;
deny all;
}
}
But it doesn't work. If I have the right, I get a 404 error instead of the proxy_pass.
Do you know how I can do that without having to copy/paste the proxy_pass configuration each time?
Thank you.
EDIT 2
As per VBart's comments, I've changed the entries in
try_filesto$uri @proxy_to_app. This avoids any confusion over the order of named locations (they must always come last). Be advised that if the/admin/directory exists locally, this will be used instead of the proxy.EDIT
If you really want to use a named location to avoid duplicating
proxy_passfor each location, you can use the following:It's a bit of a hack,
try_filesrequires at least two parameters, in the first instance it will look for a local path with the same$uri(if you want to override with local files).In the second instance I've specified/dev/nullas the second path; this will never be used.ORIGINAL
Try this configuration:
The
location /block should only catch URIs that are not matched subsequently in other location blocks.