You have nginx at the front end and tomcat hosted internally at port 8080 and you would like to bring Tomcat to the front end accessible via tomcat.sampledomain.com.
In Tomcat's server.xml, modify to add proxyName and proxyPort to the Connector node.
server.xml
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" proxyName="tomcat.sampledomain.com" proxyPort="80" />
In nginx's configuration, add this new site configurations.
nginx site file
server {
listen 80;
server_name tomcat.sampledomain.com;
root /opt/tomcat/webapps/;
underscores_in_headers on;
location / {
proxy_pass http://localhost:8080/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_redirect off;
}
}
Optionally, if you want to make Joget Workflow to load by default (as the root for Tomcat), in server.xml, add the Context node into the Host node.
server.xml
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true">
<!-- SingleSignOn valve, share authentication between web applications
Documentation at: /docs/config/valve.html -->
<!--
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
-->
<Context path="" docBase="jw">
<!-- Default set of monitored resources -->
<WatchedResource>WEB-INF/web.xml</WatchedResource>
</Context>
<!-- Access log processes all example.
Documentation at: /docs/config/valve.html
Note: The pattern used is equivalent to using pattern="common" -->
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log" suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
</Host>
Credit: https://community.alfresco.com/thread/212564-ssl-nginx-reverse-proxy-configuration-and-csrf-attack
Credit: https://github.com/znc/znc/issues/946
Credit: http://stackoverflow.com/questions/18936753/nginx-reverse-proxy-for-tomcat