Tags: nginx, proxy, nginx-reverse-proxy, squid, docker-proxy

Conditional setup of a proxy server on Server A that allows Server B to perform Docker operations through an HTTP proxy


Objective: I am trying to set up a proxy server on server A so that server B can use a Docker proxy via server A, with the following conditions:

  1. server B can only communicate to server A through port 8000
  2. And port 8000 is already bound to nginx that is running on server A with calls to for example say "location /db" getting routed to a flask server
  3. server B should be able to perform docker login and docker pull to ghcr.io through docker proxy

The current setup I have is:

On Server B: Modified Docker's /etc/systemd/system/docker.service.d/http-proxy.conf with:

[Service]
Environment="HTTP_PROXY=http://<server A ip>:8000"
Environment="HTTPS_PROXY=http://<server A ip>:8000"
Environment="NO_PROXY=localhost,127.0.0.1"

On Server A: I have installed Squid and updated squid.conf with:

http_port 3128

acl allowed_ips src <server B ip>
http_access allow allowed_ips

PS: If I change server B's Docker conf to port 3128, I am able to use docker login and docker pull.

The Problem: Since nginx has already bound port 8000 and is listening for :8000/db API traffic, I have set up a proxy_pass block, but nginx is unable to resolve the calls from docker login and I am constantly getting Bad Request errors. Here is a simplified nginx conf file I am using:

server {
    listen 8000;
    location /db {
        include uwsgi_params;
        uwsgi_pass 127.0.0.1:5921;
    }

    location / {
        proxy_pass http://127.0.0.1:3128;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

Error Response: In nginx logs it says: "CONNECT ghcr.io:443 HTTP/1.1" 400 166 "-" "-"

And the docker login command returns Error response from daemon: Get "https://ghcr.io/v2/": Bad Request

Please help me understand how I can achieve my objective, or whether there is a better approach that I can use.


Solution

  • OK, finally figured out a solution:

    I had to recompile the nginx with ngx_http_proxy_connect_module

    Git repo: https://github.com/chobits/ngx_http_proxy_connect_module

    But I did change the way we had to configure nginx during recompilation: add all the config params used in a regular install, which are listed with nginx -V, and add the add-module option described in the README at the end.
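
The rebuild step described in this answer, sketched as an added example that is not part of the original post or the module's own documentation: it reuses the configure arguments reported by `nginx -V`, appends `--add-module`, and checks that a rebuilt binary did not lose any of the original arguments. The sample `nginx -V` text, the module path and the function names are constructed for illustration.

```bash
# Constructed sample of `nginx -V` output; not taken from the original post.
sample_nginx_v() {
  cat <<'EOF'
nginx version: nginx/X.Y.Z
built with OpenSSL (constructed sample line)
configure arguments: --prefix=/etc/nginx --with-http_ssl_module --with-cc-opt='-g -O2 -fPIC' --with-ld-opt='-Wl,-z,relro -Wl,-z,now'
EOF
}

# Read `nginx -V` text on stdin and print the original configure arguments.
extract_configure_args() {
  sed -n 's/^configure arguments:[[:space:]]*//p'
}

# Print the ./configure command: existing arguments kept, module appended last.
# $1 = directory of the module checkout (hypothetical path in the demo below).
build_configure_cmd() {
  module_dir=$1
  args=$(extract_configure_args)
  if [ -z "$args" ]; then
    echo "no 'configure arguments:' line on stdin" >&2
    return 1
  fi
  printf './configure %s --add-module=%s\n' "$args" "$module_dir"
}

# Print one argument per line, split the way the shell will split them.
# eval keeps quoted values such as --with-cc-opt='-g -O2' as one argument;
# only pass it text produced by the locally installed nginx binary.
list_args() {
  ( eval "set -- $1"; printf '%s\n' "$@" )
}

# Print each argument of the old build ($1) that the new build ($2) lacks,
# e.g. a dropped TLS module or compiler hardening flag.
missing_args() {
  new_list=$(list_args "$2")
  list_args "$1" | while IFS= read -r arg; do
    printf '%s\n' "$new_list" | grep -qxF -e "$arg" || printf '%s\n' "$arg"
  done
}

# Demo on the constructed sample.
sample_nginx_v | build_configure_cmd /path/to/ngx_http_proxy_connect_module
```

On a real host, pipe `nginx -V 2>&1` into `build_configure_cmd`, because nginx writes the build information to stderr. The module's README also describes a source patch step to apply before running configure.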