I am running Percona Monitoring and Managent (“PMM”) as a service for my fellow colleagues so they can monitor their databases.

PMM runs as a container on a virtual machine, listening on port 8080.

On the same virtual machine runs another nginx webserver as a reverse proxy for the container. The configuration looks like this:

server {
        listen        443 ssl http2;
        server_name pmm.internal;

        location / {
                grpc_pass grpcs://172.29.0.108:8080;
                grpc_ssl_verify off;
        }

}

Now this worked if I opened https://pmm.internal/graph. However If I opened https://pmm.internal (without the “graph” path), I was redirected to https://172.29.0.108:8080/graph instead of https://pmm.internal/graph.

The nginx webserver inside the container has the following rewrite:
rewrite ^/$ $scheme://$http_host/graph/
The http_host variable is derived from the Host-Header. So because of the reverse proxy the Host-Header was wrong and I had to explicitly set the header in the location to the correct domain:

server {
        location / {
                grpc_pass grpcs://172.29.0.108:8080;
                grpc_ssl_verify off;
                grpc_set_header Host pmm.internal.mms-support.de;
        }

}

This works. :)