Question

Droplet 20.04 LTS - nginx reverse serving a dockerized springboot app

Hi there, I am quite new to this and have been trying to make this work for a while before posting this question.

The layout of my app is as follows:

  • ubuntu 20.04 LTS: 1 nginx installed remotely (followed DO guides for installation and securing it) 2 mysql installed remotely 3 springboot app launched via docker and connecting to the remote mysql
  • frontend hosted on netlify

My SpringBoot app requires basic auth in order to access the resources, with the exception of /login where basic auth is not necessary. This and cors config below:

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http.authorizeHttpRequests()
                .requestMatchers(HttpMethod.OPTIONS, "/**").permitAll()
                .requestMatchers("/login").permitAll()
                .anyRequest().authenticated()
                .and()
                .httpBasic();
        http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
        http.cors().and().csrf().disable();
        return http.build();
    }
    @Bean
    public WebMvcConfigurer corsConfigurer() {
        return new WebMvcConfigurer() {
            @Override
            public void addCorsMappings(CorsRegistry registry) {
                registry.addMapping("/**")
                        .allowedMethods(allowedMethod).allowedOrigins(allowedOrigins)
                        .allowedHeaders("*");
            }
        };
    }

My nginx configs here:

server {

        root /var/www/MYDOMAIN/html;
        index index.html index.htm index.nginx-debian.html;

        server_name MYDOMAIN www.MYDOMAIN;
        location / {
        if ($request_method = OPTIONS) {
                 return 204;
        }
         proxy_pass http://localhost:8080;
         proxy_http_version 1.1;
         proxy_set_header Upgrade $http_upgrade;
         proxy_set_header Connection keep-alive;
         proxy_set_header Host $host;
         proxy_cache_bypass $http_upgrade;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_set_header X-Forwarded-Proto $scheme;
        }
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/MYDOMAIN/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/MYDOMAIN/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot




}
server {
    if ($host = www.MYDOMAIN) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = MYDOMAIN) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


        listen 80;
        listen [::]:80;

        server_name MYDOMAIN www.MYDOMAIN;
    return 404; # managed by Certbot




}

my docker-compose simply starts the image binds 8080 and some configs to allow the springboot app to connect to the local mysql.

Up to this point, everything is set as I would expect and I can access my springboot app via the domain provided, login and access the entry points. I can even run my frontend locally, make axios requests to the deployed app and everything works as expected, however, the deployed frontend keeps getting cors errors when trying to make the requests to the springboot app hosted.

No 'Access-Control-Allow-Origin' header is present on the requested resource.

I presume I need to configure my nginx better, I even tried to add the following to my nginx config:

add_header Access-Control-Allow-Origin * always;

which makes the cors error go away but introduces another when querying my springboot app.

Would you see anything I am doing wrong given the info provided?


Submit an answer
Answer a question...

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

The line http.cors().and().csrf().disable(); disables all Spring CORS logic, which means it’s only handled by the webserver. Presumably, the second @Bean is not even being executed in your example. So by default all proxy requests will cause CORS errors.

You could

  1. Configure appropriate CORS rules insige the Spring App
  2. Use URL rewriting and reverse proxy settings to avoid errors in the webserver
  3. Set an Access-Control-Allow-Origin header in your proxy configuration