AnsweredAssumed Answered

Rest API Via nginx proxy, adding resolver breaks it

Question asked by ae_arcgis on May 22, 2019
Latest reply on Jun 21, 2019 by ae_arcgis

Hello, we are using a very basic nginx proxy to do our API calls due to some old libraries being used in our code base and us needing something in the middle to do the job, this appears to work fine:

 

```

server {
listen 0.0.0.0:8080;
# server name must match vesper sys.config

access_log /var/log/nginx/a17-arcgis/timers.access.log timing;
access_log /var/log/nginx/a17-arcgis/access.log;
error_log /var/log/nginx/a17-arcgis/error.log notice;

location /arcgis/rest/services/World/GeocodeServer/findAddressCandidates {
proxy_pass https://geocode.arcgis.com/arcgis/rest/services/World/GeocodeServer/findAddressCandidates;
proxy_pass_request_headers on;
}

location /sharing/rest/oauth2/token {
proxy_pass https://www.arcgis.com/sharing/rest/oauth2/token/;
proxy_set_header Host $host;
proxy_pass_request_headers on;
}
}

```

 

I have a concern because I know the IP being used is part of AWS infrastructure, if it's an ELB the IP can change any time and our proxy will stop working. 

 

If I instead change the proxy to use this format, it breaks on the token exchange and gives 404's despite a TCPDUMP showing it's resolving the host correctly, has anyone else had this issue / got any advice?

 

```

server {
listen 0.0.0.0:8080;
# server name must match vesper sys.config

access_log /var/log/nginx/a17-arcgis/timers.access.log timing;
access_log /var/log/nginx/a17-arcgis/access.log;
error_log /var/log/nginx/a17-arcgis/error.log notice;

location /arcgis/rest/services/World/GeocodeServer/findAddressCandidates {

resolver 172.32.0.2 valid=10s;

set $variable "https://geocode.arcgis.com/arcgis/rest/services/World/GeocodeServer/findAddressCandidates";
proxy_pass $variable;
proxy_pass_request_headers on;
}

location /sharing/rest/oauth2/token {

resolver 172.32.0.2 valid=10s;

set $token "https://www.arcgis.com/sharing/rest/oauth2/token/";
proxy_pass $token;
proxy_set_header Host $host;
proxy_pass_request_headers on;
}
}

```

 

I'm essentially trying to reduce the risk of an IP change breaking the proxy.

Outcomes