-
Notifications
You must be signed in to change notification settings - Fork 576
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add section on Reverse Proxy in Cookbook/CONCEPTS #1187
Conversation
Add a section about Reverse Proxies, to explain what they are, why you should care about them and how to solve the problem they introduce.
The content is good, really like the diagrams. Just doesn't read very smoothly yet, needs some grammar improvements. Would definitely like to have this section in the cookbook though. |
lib/Mojolicious/Guides/Cookbook.pod
Outdated
In this setup, your application will receive requests from the reverse proxy | ||
instead of the original client; additionally, the address/hostname where your | ||
application lives internally will be usually different from the one accessed | ||
externally. Last, it might even be the case that the reverse proxy exposes |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The 'Last,' here is unnecessary
lib/Mojolicious/Guides/Cookbook.pod
Outdated
services via HTTPS, while contacting the Mojolicious application via plaintext | ||
HTTP. | ||
|
||
As an example, compare a sample request from the client against what arrives to |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
'what arrives at'. Or maybe, 'what the Mojolicious application receives'
lib/Mojolicious/Guides/Cookbook.pod
Outdated
User-Agent: Mojolicious (Perl) | User-Agent: ShinyProxy/1.2 | ||
... | ... | ||
|
||
You're losing the client's address (e.g. useful for analytics, or Geo-IP) and if |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
'The client's address is no longer directly available'
lib/Mojolicious/Guides/Cookbook.pod
Outdated
|
||
http://10.20.30.40/bar/2 | ||
|
||
instead of something I<meaningful for the client>, like this: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this phrase is separate enough that the italics aren't needed for emphasis
lib/Mojolicious/Guides/Cookbook.pod
Outdated
|
||
=item * | ||
|
||
do-it-yourself like suggested in L</Rewriting>. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
'do it yourself' should just be three words.
lib/Mojolicious/Guides/Cookbook.pod
Outdated
the application generates URLs via L<Mojolicious::Controller/"url_for">, the | ||
result will be like this: | ||
The client address is no longer available (it might be useful for analytics, or | ||
Geo-IP) and URLs generated via L<Mojolicious::Controller/"url_for"> will be like |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
'will look like this'
grammar-wise LGTM other than the one I missed before |
lib/Mojolicious/Guides/Cookbook.pod
Outdated
|
||
GET /foo/1 HTTP/1.1 | GET /foo/1 HTTP/1.1 | ||
Host: api.example.com | Host: 10.20.30.40 | ||
User-Agent: Mojolicious (Perl) | User-Agent: ShinyProxy/1.2 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think i would write User-Agent: Firefox
here, just to avoid any possible confusion.
lib/Mojolicious/Guides/Cookbook.pod
Outdated
|
||
configure your reverse proxy to send the missing data (see L</Nginx> and | ||
L</"Apache/mod_proxy">) and tell your application about it, usually setting the | ||
environment variable C<MOJO_REVERSE_PROXY=1>; OR |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think everywhere else we just say ...setting the environment variable C<MOJO_REVERSE_PROXY>...
, without giving the referenced environment variables a value.
lib/Mojolicious/Guides/Cookbook.pod
Outdated
|
||
=item * | ||
|
||
do it yourself like suggested in L</Rewriting>. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this sentence really good english?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I wouldn't really even suggest this as a option on par the with prior one. I'd just take the first bullet and turn it into its own sentence. I'd then say something like "to more deeply understand how the request is changed, see how the changes could be implemented manually which is the topic of the example in L." or something to that effect. Overall we don't really want people doing that unless they have a VERY specific reason, like needing to support alternate mechanisms.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
do it yourself as suggested in L.
lib/Mojolicious/Guides/Cookbook.pod
Outdated
This setup introduces some problems, though: the application will receive | ||
requests from the reverse proxy instead of the original client; the | ||
address/hostname where your application lives internally will be different from | ||
the one visible from the outside; if terminating SSL, the reverse proxy exposes |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the one visible from the outside; and if terminating SSL, the reverse proxy exposes
lib/Mojolicious/Guides/Cookbook.pod
Outdated
requests from the reverse proxy instead of the original client; the | ||
address/hostname where your application lives internally will be different from | ||
the one visible from the outside; if terminating SSL, the reverse proxy exposes | ||
services via HTTPS, while using HTTP towards the Mojolicious application. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
services via HTTPS while using HTTP towards the Mojolicious application.
lib/Mojolicious/Guides/Cookbook.pod
Outdated
User-Agent: Mojolicious (Perl) | User-Agent: ShinyProxy/1.2 | ||
... | ... | ||
|
||
The client address is no longer available (it might be useful for analytics, or |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
However, now the client address is no longer available (which might be useful for analytics or
lib/Mojolicious/Guides/Cookbook.pod
Outdated
... | ... | ||
|
||
The client address is no longer available (it might be useful for analytics, or | ||
Geo-IP) and URLs generated via L<Mojolicious::Controller/"url_for"> will be like |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Geo-IP), and URLs generated via LMojolicious::Controller/"url_for" will look like
lib/Mojolicious/Guides/Cookbook.pod
Outdated
|
||
=item * | ||
|
||
do it yourself like suggested in L</Rewriting>. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
do it yourself as suggested in L.
Thanks everyone for the good suggestions, I hope I didn't miss any in the last commit. |
There was a leftover of the "frontend"/"backend" days in the diagram, got rid of them and made the "Mojolicious application" box wider. |
Thanks, merged. |
Summary
Add a section about Reverse Proxies, to explain what they are, why you should care about them and how to solve the problem they introduce.
Motivation
mojolicious reverse proxy
in Google returns solutions that are unnecessary/overkill in the general case (which only involves some configuration).References