Support Questions

cassiano07 · ‎12-12-2023

Guys, I'm new to Nifi and I'm trying to set up a VM machine with NiFi and Registry, where they are both configured with SSL certificates and I can access them through the DNS that I point to the VM, but I need to specify the port to access both services and what I want is to access the directories based on the URL. When researching, I discovered that I would need to create a reverse proxy to make the same url work for NiFi and Registry. I'm using nginx, but I don't know how to configure it, could someone explain to me how I do these configurations?

I am using docker-compose to upload these applications.

docker-composer:

version: "3.7"
services:
  nifi:
    image: apache/nifi:1.23.2
    container_name: nifi
    ports:
      - "8443:8443"
    environment:
      AUTH: tls
      KEYSTORE_PATH: /opt/certs/nifi.pfx
      KEYSTORE_TYPE: PKCS12
      KEYSTORE_PASSWORD: ***************
      TRUSTSTORE_PATH: /opt/certs/truststore.jks
      TRUSTSTORE_PASSWORD: ***************
      TRUSTSTORE_TYPE: JKS
      NIFI_WEB_PROXY_HOST: <DNS>:8443
      INITIAL_ADMIN_IDENTITY: 'CN=admin, OU=cs, O=Sx, L=São Paulo, ST=São Paulo, C=BR'
    volumes:
      - ./opt/certs:/opt/certs
    networks:
      - nifi
  registry:
    image: apache/nifi-registry:1.23.2
    container_name: registry
    environment:
      AUTH: tls
      KEYSTORE_PATH: /opt/certs/registry.pfx
      KEYSTORE_TYPE: PKCS12
      KEYSTORE_PASSWORD: ***************
      TRUSTSTORE_PATH: /opt/certs/truststore.jks
      TRUSTSTORE_PASSWORD: ***************
      TRUSTSTORE_TYPE: JKS
      INITIAL_ADMIN_IDENTITY: 'CN=admin, OU=cs, O=Sx, L=São Paulo, ST=São Paulo, C=BR'
    ports:
      - "18443:18443"
    volumes:
      - ./opt/certs:/opt/certs
    networks:
      - nifi
  nginx:
    image: nginx:1.25.2
    container_name: nginx
    volumes:
      - ./nginx.conf:/etc/nginx/nginx.conf
      - ./certs:/opt/certs
    ports:
      - 80:80
    networks:
      - nifi
    depends_on:
      - registry
      - nifi
networks:
  nifi:
    driver: bridge

nginx.conf:

events { 
    worker_connections  1024;
}
http {
  server {
    listen 80;
    location / {
        proxy_ssl_certificate     /opt/certs/cert.pem;
        proxy_ssl_certificate_key /opt/certs/key.dec.pem;
        proxy_ssl_server_name on;

        proxy_pass https://localhost:8443;
        proxy_set_header X-ProxyScheme "https";
        proxy_set_header X-ProxyHost localhost;
        proxy_set_header X-ProxyPort 8443;
        proxy_set_header X-ProxyContextPath "/";
        root   html;
        index  index.html index.htm;
    }
  }
}

DianaTorres · ‎12-12-2023

@cassiano07 Welcome to the Cloudera Community!

To help you get the best possible solution, I have tagged our NiFi experts @steven-matison @joseomjr who may be able to assist you further.

Please keep us updated on your post, and we hope you find a satisfactory solution to your query.

Regards,

Diana Torres,
Community Moderator

Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.
Learn more about the Cloudera Community:
Community Guidelines
How to use the forum

Support Questions

Configure DNS in NiFi and Registry