Skip to content

feat: add nginx reverse proxy configuration (#8516)#10780

Merged
jfagoagas merged 1 commit into
prowler-cloud:masterfrom
boonchuan:feat/reverse-proxy-nginx-config
Apr 20, 2026
Merged

feat: add nginx reverse proxy configuration (#8516)#10780
jfagoagas merged 1 commit into
prowler-cloud:masterfrom
boonchuan:feat/reverse-proxy-nginx-config

Conversation

@boonchuan
Copy link
Copy Markdown
Contributor

@boonchuan boonchuan commented Apr 20, 2026

Fixes #8516

Problem

Prowler's default Docker setup exposes UI (port 3000) and API (port 8080) as separate services. This causes CORS issues and authentication failures when accessed through an external reverse proxy.

Multiple users have hit this — running behind nginx, Azure App Gateway, Pangolin, and other proxies.

Solution

Added a ready-to-use nginx reverse proxy config in contrib/reverse-proxy/ that unifies both services behind a single port:

  • /api/* and /accounts/saml/* → prowler-api:8080
  • /* → prowler-ui:3000

Usage

docker compose -f docker-compose.yml \
  -f contrib/reverse-proxy/docker-compose.reverse-proxy.yml \
  up -d

Files added

  • contrib/reverse-proxy/nginx.conf — nginx routing config
  • contrib/reverse-proxy/docker-compose.reverse-proxy.yml — compose override
  • contrib/reverse-proxy/README.md — setup guide with Traefik and Caddy examples

Architecture

Internet → Reverse Proxy → prowler-nginx:80
                              ├── /api/*          → prowler-api:8080
                              ├── /accounts/saml/ → prowler-api:8080
                              └── /*              → prowler-ui:3000

Pairs with the SAML ACS URL fix in #10533 for complete reverse proxy + SSO support.

feat: add nginx reverse proxy configuration (prowler-cloud#8516)
bd4070b 
Adds a ready-to-use nginx config and docker-compose override that
unifies Prowler UI (port 3000) and API (port 8080) behind a single
port, solving CORS and auth failures behind reverse proxies.

Includes nginx.conf, docker-compose override, and README with
examples for Traefik, Caddy, and SAML SSO setup.

Fixes prowler-cloud#8516
@boonchuan boonchuan requested a review from a team as a code owner April 20, 2026 01:59
@boonchuan boonchuan requested a review from a team April 20, 2026 01:59
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Apr 20, 2026

Conflict Markers Resolved

All conflict markers have been successfully resolved in this pull request.

@github-actions github-actions Bot added the community Opened by the Community label Apr 20, 2026
jfagoagas
jfagoagas approved these changes Apr 20, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@jfagoagas jfagoagas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for this contribution @boonchuan!

@jfagoagas jfagoagas merged commit 98b9449 into prowler-cloud:master Apr 20, 2026
31 checks passed
@boonchuan boonchuan mentioned this pull request May 16, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jfagoagas jfagoagas jfagoagas approved these changes

Assignees

No one assigned

Labels

community Opened by the Community

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Reverse Proxy Needs

2 participants

@boonchuan @jfagoagas