Add section on Reverse Proxy in Cookbook/CONCEPTS #1187
Conversation
Add a section about Reverse Proxies, to explain what they are, why you should care about them and how to solve the problem they introduce.
|
The content is good, really like the diagrams. Just doesn't read very smoothly yet, needs some grammar improvements. Would definitely like to have this section in the cookbook though. |
lib/Mojolicious/Guides/Cookbook.pod
Outdated
| In this setup, your application will receive requests from the reverse proxy | ||
| instead of the original client; additionally, the address/hostname where your | ||
| application lives internally will be usually different from the one accessed | ||
| externally. Last, it might even be the case that the reverse proxy exposes |
There was a problem hiding this comment.
The 'Last,' here is unnecessary
lib/Mojolicious/Guides/Cookbook.pod
Outdated
| services via HTTPS, while contacting the Mojolicious application via plaintext | ||
| HTTP. | ||
|
|
||
| As an example, compare a sample request from the client against what arrives to |
There was a problem hiding this comment.
'what arrives at'. Or maybe, 'what the Mojolicious application receives'
lib/Mojolicious/Guides/Cookbook.pod
Outdated
| User-Agent: Mojolicious (Perl) | User-Agent: ShinyProxy/1.2 | ||
| ... | ... | ||
|
|
||
| You're losing the client's address (e.g. useful for analytics, or Geo-IP) and if |
There was a problem hiding this comment.
'The client's address is no longer directly available'
lib/Mojolicious/Guides/Cookbook.pod
Outdated
|
|
||
| http://10.20.30.40/bar/2 | ||
|
|
||
| instead of something I<meaningful for the client>, like this: |
There was a problem hiding this comment.
I think this phrase is separate enough that the italics aren't needed for emphasis
lib/Mojolicious/Guides/Cookbook.pod
Outdated
|
|
||
| =item * | ||
|
|
||
| do-it-yourself like suggested in L</Rewriting>. |
There was a problem hiding this comment.
'do it yourself' should just be three words.
lib/Mojolicious/Guides/Cookbook.pod
Outdated
| the application generates URLs via L<Mojolicious::Controller/"url_for">, the | ||
| result will be like this: | ||
| The client address is no longer available (it might be useful for analytics, or | ||
| Geo-IP) and URLs generated via L<Mojolicious::Controller/"url_for"> will be like |
|
grammar-wise LGTM other than the one I missed before |
lib/Mojolicious/Guides/Cookbook.pod
Outdated
|
|
||
| GET /foo/1 HTTP/1.1 | GET /foo/1 HTTP/1.1 | ||
| Host: api.example.com | Host: 10.20.30.40 | ||
| User-Agent: Mojolicious (Perl) | User-Agent: ShinyProxy/1.2 |
There was a problem hiding this comment.
I think i would write User-Agent: Firefox here, just to avoid any possible confusion.
lib/Mojolicious/Guides/Cookbook.pod
Outdated
|
|
||
| configure your reverse proxy to send the missing data (see L</Nginx> and | ||
| L</"Apache/mod_proxy">) and tell your application about it, usually setting the | ||
| environment variable C<MOJO_REVERSE_PROXY=1>; OR |
There was a problem hiding this comment.
I think everywhere else we just say ...setting the environment variable C<MOJO_REVERSE_PROXY>..., without giving the referenced environment variables a value.
lib/Mojolicious/Guides/Cookbook.pod
Outdated
|
|
||
| =item * | ||
|
|
||
| do it yourself like suggested in L</Rewriting>. |
There was a problem hiding this comment.
Is this sentence really good english?
There was a problem hiding this comment.
I wouldn't really even suggest this as a option on par the with prior one. I'd just take the first bullet and turn it into its own sentence. I'd then say something like "to more deeply understand how the request is changed, see how the changes could be implemented manually which is the topic of the example in L." or something to that effect. Overall we don't really want people doing that unless they have a VERY specific reason, like needing to support alternate mechanisms.
lib/Mojolicious/Guides/Cookbook.pod
Outdated
| This setup introduces some problems, though: the application will receive | ||
| requests from the reverse proxy instead of the original client; the | ||
| address/hostname where your application lives internally will be different from | ||
| the one visible from the outside; if terminating SSL, the reverse proxy exposes |
There was a problem hiding this comment.
the one visible from the outside; and if terminating SSL, the reverse proxy exposes
lib/Mojolicious/Guides/Cookbook.pod
Outdated
| requests from the reverse proxy instead of the original client; the | ||
| address/hostname where your application lives internally will be different from | ||
| the one visible from the outside; if terminating SSL, the reverse proxy exposes | ||
| services via HTTPS, while using HTTP towards the Mojolicious application. |
There was a problem hiding this comment.
services via HTTPS while using HTTP towards the Mojolicious application.
lib/Mojolicious/Guides/Cookbook.pod
Outdated
| User-Agent: Mojolicious (Perl) | User-Agent: ShinyProxy/1.2 | ||
| ... | ... | ||
|
|
||
| The client address is no longer available (it might be useful for analytics, or |
There was a problem hiding this comment.
However, now the client address is no longer available (which might be useful for analytics or
lib/Mojolicious/Guides/Cookbook.pod
Outdated
| ... | ... | ||
|
|
||
| The client address is no longer available (it might be useful for analytics, or | ||
| Geo-IP) and URLs generated via L<Mojolicious::Controller/"url_for"> will be like |
There was a problem hiding this comment.
Geo-IP), and URLs generated via LMojolicious::Controller/"url_for" will look like
lib/Mojolicious/Guides/Cookbook.pod
Outdated
|
|
||
| =item * | ||
|
|
||
| do it yourself like suggested in L</Rewriting>. |
|
Thanks everyone for the good suggestions, I hope I didn't miss any in the last commit. |
|
There was a leftover of the "frontend"/"backend" days in the diagram, got rid of them and made the "Mojolicious application" box wider. |
|
Thanks, merged. |
Summary
Add a section about Reverse Proxies, to explain what they are, why you should care about them and how to solve the problem they introduce.
Motivation
mojolicious reverse proxyin Google returns solutions that are unnecessary/overkill in the general case (which only involves some configuration).References