NGINX前端Kibana不使用"_plugin/kibana/“URI

Question

我正在运行亚马逊网络服务管理的ElasticSearch来收集一些日志，并创建了一些Kibana仪表板来可视化数据，所有这些都运行得很好。

不幸的是，AWS集群附带的Kibana插件相当开放，所以我设置了一个NGINX反向代理来提供身份验证访问。如果我简单地点击域名URL并指定Kibana插件的完整URI，也可以很好地工作。例如：

http://nginx.domain.com/_plugin/kibana/app/kibana工作得很好，下面是我用来实现这一点的nginx配置：

worker_processes  1;
events {
    worker_connections  1024;
}
http {
        server {
                listen 80;
                server_name localhost;
                location / {
                        proxy_set_header X-Real-IP  $remote_addr;
                        proxy_set_header X-Forwarded-For $remote_addr;
                        proxy_set_header Host $host;
                        proxy_set_header User-Agent $http_user_agent;
                        auth_basic_user_file /etc/nginx/.htpasswd;
                        auth_basic "Auth Required";
                        proxy_pass https://search-mystuff.ap-southeast-2.es.amazonaws.com/;
                        proxy_redirect https://search-mystuff.ap-southeast-2.es.amazonaws.com/ /;
                        proxy_set_header Authorization "";
                        proxy_hide_header Authorization;
                }
        }
}

我不想提供完整的URL，而是简单地点击NGINX服务器的基本域名，然后NGINX服务器会将我重定向到完整的Kibana URI。所以我想做的是：

http://nginx.domain.com

在输入上面的URL之后，我希望被重定向到完整的Kibana URI，所以我最终会得到一个如下所示的URL

http://nginx.domain.com/_plugin/kibana/app/kibana

下面是我尝试过的nginx配置(在各种不同的排列中)，它不起作用：

worker_processes  1;
events {
    worker_connections  1024;
}
http {
        server {
                listen 80;
                server_name localhost;
                location / {
                        proxy_set_header X-Real-IP  $remote_addr;
                        proxy_set_header X-Forwarded-For $remote_addr;
                        proxy_set_header Host $host;
                        proxy_set_header User-Agent $http_user_agent;
                        auth_basic_user_file /etc/nginx/.htpasswd;
                        auth_basic "Auth Required";
                        proxy_pass https://search-mystuff.ap-southeast-2.es.amazonaws.com/_plugin/kibana/app/kibana;
                        proxy_redirect https://search-mystuff.ap-southeast-2.es.amazonaws.com/_plugin/kibana/app/kibana /;
                        proxy_set_header Authorization "";
                        proxy_hide_header Authorization;
                }
        }
}

使用上面的配置，当我浏览到http://nginx.mydomain.com时，URL被重定向到：

http://nginx.myaws.com.au/_plugin/kibana/app/kibana

这看起来应该可以工作，但是我在浏览器窗口中收到一个错误：

{"statusCode":404,"error":"Not Found"}

我有大约4个小时的nginx经验，所以希望我错过了一些简单的东西。任何帮助都将不胜感激。

谢谢!

Answer 1

终于拿到了！

worker_processes auto;  

events {  
    worker_connections 1024;
}

http {  

    server {
      listen 80 default_server;
      server_name localhost;

      location / {
        proxy_set_header Host https://<endpoint address>.es.amazonaws.com;
        proxy_set_header X-Real-IP <nginx ip address>;

        proxy_http_version 1.1;
        proxy_set_header Connection "Keep-Alive";
        proxy_set_header Proxy-Connection "Keep-Alive";
        proxy_set_header Authorization "";

        proxy_pass https://<endpoint address>.es.amazonaws.com/_plugin/kibana/;
        proxy_redirect https://<endpoint address>.es.amazonaws.com/_plugin/kibana/ http://<nginx url>/kibana/;
    }

      location ~ (/app/kibana|/app/timelion|/bundles|/es_admin|/plugins|/api|/ui|/elasticsearch) {
         auth_basic_user_file   /etc/nginx/.htpasswd;
         auth_basic         "Auth Required";
         proxy_pass              https://<endpoint address>.es.amazonaws.com;
         proxy_set_header        Host $host;
         proxy_set_header        X-Real-IP $remote_addr;
         proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_set_header        X-Forwarded-Proto $scheme;
         proxy_set_header        X-Forwarded-Host $http_host;
         proxy_set_header    Authorization "";
         proxy_hide_header   Authorization;
    }
  }
}