Server static files from FTP server using NGINX

Asked 25/3, 2019 at 12:45 Answered 10/6, 2023 at 8:57

I have a local network, on which there are some old insecure services. I use nginx reverse proxy with client certificates authentication as safe entrypoint to this local network from the Internet. Till now I used it only to proxy HTTP servers using

    location / {
        proxy_pass http://192.168.123.45:80/;
    }

and everything works fine.

But now I would like to serve static files, that are accessible through FTP on a local server, I tried simply:

    location /foo {
        proxy_pass ftp://user:[email protected]:5000/;
    }

but that doesn't work, and I could not find anything that would simply proxy HTTP request to FTP request.

Is there any way to do this?

Jacobus answered 25/3, 2019 at 12:45 Comment(0)

Nginx doesn't support proxying to FTP servers. At best, you can proxy the socket... and this is a real hassle with regular old FTP due to it opening new connections on random ports every time a file is requested.

What you can probably do instead is create a FUSE mount to that FTP server on some local path, and serve that path with Nginx like normal. To that end, CurlFtpFS is one tool for this. Tutorial: https://linuxconfig.org/mount-remote-ftp-directory-host-locally-into-linux-filesystem

(Note: For security and reliability, it's strongly recommended you migrate away from FTP when possible. Consider SSH/SFTP instead.)

Hyunhz answered 27/3, 2019 at 15:5 Comment(3)

Well, just keep in mind.. SSH/SFTP will perform worse according to the security level added (encrypted connection). – Vanhoose 5/9, 2020 at 23:1

@HasanAlsawadi Anyone who actually cared about performance wouldn't be doing this sort of proxying in the first place. Also, I challenge your assertion. Doing this over SSH, only one TCP connection is necessary, whereas with FTP a separate connection is created for every transfer. The overhead from crypto is hardly anything, and is often offloaded to hardware. – Hyunhz 5/9, 2020 at 23:3

Thanks mate, make sense! A benchmark on this would be yummy, will add it to my to-dos ;-) – Vanhoose 7/9, 2020 at 0:33

-1

You can use nfs mount first you need install on ftp server: example in Debian11

sudo apt-get install nfs-kernel-server

Than on /etc/exports you can sett allow share your dir to ip server

/home/sharedir ip.ip.ip.ip(rw,sync,no_subtree_check,all_squash,anonuid=0,anongid=0)

On Nginx server install

sudo apt-get install nfs-common

and mount dir from first server

mount /mnt/myremotesharedir ip.ip.ip.ip:/home/sharedir

Now you can use in nginx path to /home/sharedir as root or alias

location /foo {
    root /home/sharedir/foo;
}

Low answered 10/6, 2023 at 8:57 Comment(0)

Recommended topics

Hot tags