Regarding gRPC with NGINX

Projects NGINX
1

I want to use grpc with nginx in which I need to assign TCP calls and grpc calls to the same subdomain can anyone help me regarding this

2

So long as you intend to use different ports for the TCP traffic and the gRPC traffic then it’s simply a case of creating a stream{} configuration for TCP and a http{} configuration for gRPC. Both can refer to the same ssl_certificate files on disk for the same subdomain.

1 Like
3

I am receiving 404 error from nginx while calling grpc method.

17448839922757902421359845344100
174488399227579024213598453441001920×1440 286 KB

4

My config for nginx are as below:

server {
server_name test.xyz.com;
listen 80;
listen [::]:80;
return 301 https://$host$request_uri;
}

HTTPS server block

server {
server_name devexpertapi.fairgame.club;

# Enable HTTP/2 and HTTP/3
listen 443 ssl;
listen [::]:443 ssl;
listen 443 quic;
listen [::]:443 quic;

# SSL Configuration
ssl_certificate /etc/letsencrypt/live/devexpertapi.fairgame.club/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/devexpertapi.fairgame.club/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;

========== gRPC Proxy ==========

location /grpc {
    rewrite ^/grpc/(.*)$ /$1 break;
    grpc_pass grpcs://localhost:60601;
    error_page 502 = /error502grpc;
    # grpc_pass localhost:60601;

    grpc_set_header Host $host;
    grpc_set_header X-Real-IP $remote_addr;
    grpc_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    grpc_set_header X-Forwarded-Proto $scheme;

    grpc_read_timeout 300s;
    grpc_send_timeout 300s;
}


location = /error502grpc {
    internal;
    default_type application/grpc;
    add_header grpc-status 14;
    add_header grpc-message "unavailable";
    return 204;
}


# Proxy to local service
location / {
    proxy_pass https://localhost:6060;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Forwarded-Host $host;
    proxy_set_header X-Forwarded-Port $server_port;
    proxy_set_header X-Forwarded-Server $host;
    proxy_cache_bypass $http_upgrade;
    proxy_redirect off;
}

# Security headers
add_header X-Content-Type-Options "nosniff" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;

# HTTP/3 advertisement
add_header Alt-Svc 'h3=":443"; ma=86400, h3-29=":443"; ma=86400';

# Optional: Uncomment if you're using FastCGI caching
# add_header X-FastCGI-Cache $upstream_cache_status;

# Remove or comment out these non-standard headers
# add_header QUIC-Status $http3;
# add_header x-quic 'h3';
# add_header X-protocol $server_protocol always;

}

5

Heya! The first thing that comes to mind when seeing your config is that you are querying NGINX on port 443, yet gRPC is only enabled on the /grpc location on the server block that’s listening on 443. On your default location /, you are proxy passing to something listening on port 6060 in your localhost and it’s not being done via gRPC. What is supposed to be listening on port 6060?

Beyond that, I would suggest trying to query the /grpc location instead of /, or alternatively moving the contents inside the default / location to a different port (like @liam suggested above) and renaming the /grpc location to /.

6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.