Hi there i have a beryl ax router and what i want it to do, is to add a cutom header e.g “X-CLIENT-NAME: MYNAME”, and so with the help of ai i was able to add this to nginx config on top of glinet’s basic config:
index gl_home.html;
lua_shared_dict shmem 12k;
lua_shared_dict nonces 16k;
lua_shared_dict sessions 16k;
init_by_lua_file /usr/share/gl-ngx/oui-init.lua;
# SSL Configuration for api.wifiyanidday.com
server {
listen 443 ssl;
server_name api.wifiyanidday.com;
# SSL Configuration
ssl_certificate /etc/nginx/api.wifiyanidday.com.crt;
ssl_certificate_key /etc/nginx/api.wifiyanidday.com.key;
# Add custom header with client's local IP address
add_header X-ROUTER-NAME "Nidday Mark";
# Proxy to backend service
location / {
proxy_pass https://api.wifiyanidday.com;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_ssl_verify off; # Disable SSL verification for the remote API
proxy_ssl_server_name on;
}
}
# Additional server block for other routes (like /rpc, /ws, /upload, etc.)
server {
listen 80;
listen [::]:80;
listen 443 ssl;
listen [::]:443 ssl;
server_name _; # Default server for all other requests
ssl_certificate /etc/nginx/nginx.cer;
ssl_certificate_key /etc/nginx/nginx.key;
resolver 127.0.0.1 ipv6=off;
rewrite ^/index.html / permanent;
# Other locations
location = /rpc {
content_by_lua_file /usr/share/gl-ngx/oui-rpc.lua;
add_header Content-Type application/json;
add_header X-Frame-Options DENY;
}
location = /ws {
add_header X-Frame-Options DENY;
content_by_lua_file /usr/share/gl-ngx/oui-ws.lua;
}
location = /upload {
add_header X-Frame-Options DENY;
content_by_lua_file /usr/share/gl-ngx/oui-upload.lua;
}
location = /download {
add_header X-Frame-Options DENY;
content_by_lua_file /usr/share/gl-ngx/oui-download.lua;
}
location /cgi-bin/ {
add_header X-Frame-Options DENY;
include fastcgi_params;
fastcgi_read_timeout 300;
fastcgi_pass unix:/var/run/fcgiwrap.socket;
}
location ~.*\.(html|png|jpg|svg)$ {
add_header Cache-Control "private, no-store, no-cache, must-revalidate, proxy-revalidate";
add_header X-Frame-Options DENY;
}
include /etc/nginx/gl-conf.d/*.conf;
}
I added the first server block, but when i tested it with curl, my traffic never went through ngix, it went directly to the remote server, so no header was set, so i googled and found out i needed to update my routers dns to match any traffic from my api.wifiyanidday.com to my nginx server at 192.168.8.1, and it did route it there, but then when i test it with curl without the proxy pass and just a text return, it works, but when i added my server as the proxy pass, i get:
root@GL-MT3000:~# curl -v -k https://api.wifiyanidday.com
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
> GET / HTTP/1.1
> Host: api.wifiyanidday.com
> User-Agent: curl/7.83.1
> Accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
< HTTP/1.1 502 Bad Gateway
< Server: nginx/1.26.1
< Date: Sun, 09 Feb 2025 23:01:19 GMT
< Content-Type: text/html
< Content-Length: 157
< Connection: keep-alive
<
<html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx/1.26.1</center>
</body>
</html>
root@GL-MT3000:~#
What am i doing wrong in my config or rather, I’ll appreciate any help i can get. Thanks!