d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8d5540bf1d7ffbe8f48ded1aa38cc18713f65fbe
proxmox/scripts/configure-nginx-jwt-auth-FINAL-STATUS.md
defiQUG cb47cce074 Complete markdown files cleanup and organization 
- Organized 252 files across project
- Root directory: 187 → 2 files (98.9% reduction)
- Moved configuration guides to docs/04-configuration/
- Moved troubleshooting guides to docs/09-troubleshooting/
- Moved quick start guides to docs/01-getting-started/
- Moved reports to reports/ directory
- Archived temporary files
- Generated comprehensive reports and documentation
- Created maintenance scripts and guides

All files organized according to established standards.
2026-01-06 01:46:25 -08:00

67 lines
2.2 KiB
Markdown
Raw Blame History

# Nginx JWT Auth Configuration - Final Status
## ✅ Configuration Complete
The nginx JWT authentication has been successfully configured using the **Python-based approach**.
## Issues Fixed
1.**Lua Module**: nginx-extras doesn't include Lua in Ubuntu 22.04 - switched to Python-based validation
2.**Package Installation**: Fixed locale warnings and package installation errors
3.**Port Conflict**: Removed incorrect `listen 127.0.0.1:8888` from nginx config (port 8888 is for Python service only)
4.**Service Startup**: nginx now starts successfully
## Configuration Details
- **VMID**: 2501
- **Hostname**: besu-rpc-2
- **IP**: 192.168.11.251
- **HTTP Domain**: rpc-http-prv.d-bis.org
- **WS Domain**: rpc-ws-prv.d-bis.org
- **JWT Secret**: `/etc/nginx/jwt_secret`
- **Python Validator**: `/usr/local/bin/jwt-validate.py` (running on port 8888)
- **Nginx Config**: `/etc/nginx/sites-available/rpc-perm`
## Service Status
**nginx**: Running and configured
**Python JWT Validator**: Running on port 8888
**Health Check**: `/health` endpoint working
**JWT Authentication**: Configured via `auth_request` module
## How It Works
1. Client makes request to nginx with `Authorization: Bearer <token>` header
2. nginx uses `auth_request` to proxy to Python validator on port 8888
3. Python validator checks JWT token validity
4. If valid, request proceeds to backend (port 8545)
5. If invalid, returns 401 Unauthorized
## Testing
```bash
# Health check (no auth required)
curl -k https://rpc-http-prv.d-bis.org/health
# RPC call without token (should fail)
curl -k -X POST https://rpc-http-prv.d-bis.org/ \
-H "Content-Type: application/json" \
-d '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
# RPC call with valid JWT token (should succeed)
curl -k -X POST https://rpc-http-prv.d-bis.org/ \
-H "Content-Type: application/json" \
-H "Authorization: Bearer <your-jwt-token>" \
-d '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
```
## Scripts Used
- **Primary**: `configure-nginx-jwt-auth-simple.sh` (Python-based, recommended)
- **Alternative**: `configure-nginx-jwt-auth.sh` (Lua-based, not available on Ubuntu 22.04)
## Completion Time
December 26, 2025 - Configuration completed and verified
Reference in New Issue View Git Blame Copy Permalink