Nginx and Osimis Web Viewer

Hello.

I tried to post this on my other topic but I do not know why, the message doesn’t appear so I open this topic.

I decided to use NGIX on my setup but I’m facing a problem. I want to redirect my requests to a certain Orthanc instalation which has the port on the URL. For example. lets say I use this URL to try to reach the Osimis

http://localhost:8080/img/10000/osimis-viewer/app/index.html?study=77e82c55-(...)

--------------------|-----|------|-----------------------------------------------------|
nginx url a path^ ^Orthanc port normal url

I need this to become
http://localhost:10000/osimis-viewer/app/index.html?study=77e82c55-(...)

On my NGINX config file I have

location ~ /img/([0-9]+) {
rewrite ([0-9]+)(.*) $2 break;
proxy_pass http://localhost:$1;
}

I see that NGINX is hitting that location block and it seems to be producing the right url. However, something is not working and I’m not figuring it out.
I know that this is not a problem directly related with Orthan, but if you could help me I would be thankfull.

I made some progress and it’s working with this

//This block is on the documentation. I used just to access the web interface for test reasons but this made things work

location /orthanc/ {
rewrite /orthanc(.*) $1 break;

proxy_pass http://localhost:10000;
proxy_set_header HOST $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}

location /img/ {
rewrite /img/([0-9])(.) $2 break;
proxy_pass http://localhost:$1$2$is_args$args;
}

However I don’t understand why it need the first location block (subsequent requests?). With that block, I’m exposing the web interface. I just wanted to get access to the Osimis Web Viewer. Another aspect is that I wrote there the port number (10000) but it’s not always the same.

Can anyone help me? Many thanks.

A quarta-feira, 4 de novembro de 2020 à(s) 10:58:47 UTC, Clasus escreveu:

I’m not sure if this works completely, but if you want to use the http_auth_auth_request module with NGINX you have to install or compile NGINX with that module and then you can use that module also. Something like below. You would need to read more about how to use the module. The location /auth if for an authentication script. If you make CURL / API calls with headers and a Bearer Token, etc. you can actually perform authentication pretty easily. Harder for the viewer links because you might have to use a Cookie instead or a token in the URL since I don’t think you can set headers with the viewer link. The /api path shown below I think is a setup for api calls, including AJAX requests:

location /orthanc/ {

serve static files

location ~* ^.+.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|pdf|txt|tar|wav|bmp|rtf|js|flv|swf|html|htm)$ {

rewrite /orthanc/(.*) /$1 break;

proxy_pass http://localhost:8042;

proxy_redirect http://localhost:8042/ /;

expires 30d;

}

auth_request /auth;
auth_request_set $auth_status $upstream_status;
proxy_pass http://localhost:8042;
proxy_redirect http://localhost:8042/ /;
proxy_set_header HOST $host;
proxy_set_header X-Real-IP $remote_addr;
rewrite /orthanc/(.) /$1 break;
add_header ‘Access-Control-Allow-Credentials’ ‘true’;
add_header ‘Access-Control-Allow-Headers’ ‘DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type’;
add_header ‘Access-Control-Allow-Methods’ ‘GET, POST, OPTIONS’;
add_header ‘Access-Control-Allow-Origin’ '
';

}

location = /auth {

internal;
proxy_pass https://sias.dev:8000/auth/auth.php;
proxy_pass_request_body off;
proxy_set_header Content-Length “”;
proxy_set_header X-Original-Uri $request_uri;
proxy_set_header Orig-Ip $remote_addr;
proxy_set_header Cookie $http_cookie;

}

location /api/ {

For CURL API calls,

if ($request_method = ‘OPTIONS’) {
add_header ‘Access-Control-Allow-Headers’ ‘Accept-Encoding,Origin,Token,Authorization,Accept,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type’;
add_header ‘Access-Control-Allow-Origin’ ‘https://www.sias.dev’ always;
add_header ‘Access-Control-Allow-Methods’ ‘GET, POST, OPTIONS, PUT, DELETE, HEAD’;
add_header ‘Access-Control-Max-Age’ ‘1728000’;
add_header ‘Access-Control-Allow-Credentials’ ‘true’;
add_header ‘Content-Type’ ‘text/plain; charset=UTF-8’;
add_header ‘Content-Length’ ‘0’;
return 204;
}

auth_request /auth;
auth_request_set $auth_status $upstream_status;
proxy_buffering off;
proxy_pass http://localhost:8042;
proxy_redirect http://localhost:8042/ /;
proxy_set_header HOST $host;
proxy_set_header X-Real-IP $remote_addr;
rewrite /api/(.*) /$1 break;
add_header ‘Access-Control-Allow-Credentials’ ‘true’;
add_header ‘Access-Control-Allow-Headers’ ‘Accept-Encoding,Origin,Token,Authorization,Accept,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type’;
add_header ‘Access-Control-Allow-Origin’ ‘https://www.sias.dev’ always;
add_header ‘Access-Control-Allow-Methods’ ‘GET, POST, OPTIONS’;

}

Thanks for your answer which I need to see in detail. However, let me say somethings: I’m not trying to perform the authentication there since I already have a service that does that using ORTHANC__AUTHORIZATION__WEB_SERVICE. I have 2 orthancs in different containers (I’m using Docker) and I need to redirect the requests for the right container given the port that is on the URL that hits NGINX. I dont understand why things work with the /orthanc/ location block since I inspected the request made when accessing the osimis web viewer and there’s nothing containing orthanc.

So, at least for now, I just want to pass the requests for the right container.

A quarta-feira, 4 de novembro de 2020 à(s) 19:40:29 UTC, ssc...@icloud.com escreveu:

Hello Scotti,

Before your last answer you wrote another one that now it is not beeing displayed and it’s near to what I want.
I inspected the request that I make to NGINX using the Google (Chrome) Developer Tools to see the Osimis Web Viewer. Almost every resquest (subsequent ones) are made correctly but there are a few that aren’t. I dont recognise them but given that they are blob ones, I guess it’s the images.

orthanc_nginx.png

Another strange thing is that if I comment the /orthanc/ location block on the NGINX config file I dont have answer for the first request (the one selected on the image) http://localhost:8080/img/10000/osimis-viewer/app/index.html?study=77e82c55-(...). I cannot understand why this happens. I get a 502 Bad Gateway.

Any ideas? I already have spent hours on this :confused:

A quarta-feira, 4 de novembro de 2020 à(s) 19:52:02 UTC, Clasus escreveu: