Hi guys I am trying to setup Nginx as a reverse proxy for accessing a MongoDB Database. By default Mongo listens to 27017 port. What I want to do, is redirect a hostname for example mongodb.mysite.com through nginx and pass it to mongodb server. In that way from the outside network I will have my known 27017 port closed, and access my db from a hidden url like the example I gave.

So I am trying to setup Nginx with this configuration :

server {
        listen 80;
        server_name mongo.mysite.com;
        gzip off;       

        location / {
            proxy_pass http://127.0.0.1:27017;
            proxy_redirect off;
            proxy_buffering off;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
        }
    }

So after having this I try to connect with mongo shell from my cmd with the command mongo mongo.mysite.com:80 and I get back the following error:

2015-08-06T13:44:32.670+0300 I NETWORK  recv(): message len 1347703880 is invalid. Min 16 Max: 48000000
2015-08-06T13:44:32.670+0300 I NETWORK  DBClientCursor::init call() failed
2015-08-06T13:44:32.674+0300 E QUERY    Error: DBClientBase::findN: transport error: mongo.therminate.com:80 ns: admin.$cmd query: { whatsmyuri: 1 }
    at connect (src/mongo/shell/mongo.js:181:14)
    at (connect):1:6 at src/mongo/shell/mongo.js:181
exception: connect failed

Also in the Nginx access log I get this:

94.66.184.128 - - [06/Aug/2015:10:44:32 +0000] "<\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xD4\x07\x00\x00\x00\x00\x00\x00admin.$cmd\x00\x00\x00\x00\x00\x01\x00\x00\x00\x15\x00\x00\x00\x10whatsmyuri\x00\x01\x00\x00\x00\x00" 400 172 "-" "-"

Has anyone got an idea, what is going wrong here? Thanks!

I left this behind, but after some work done, I had to face this problem again and the solution popped in my mind this time!

NGINX is basically an HTTP server, so by setting redirects and proxies the above way, it wraps all communication in HTTP protocol. So the error that is happening, is that while Mongo is expecting Raw TCP traffic, it is getting HTTP traffic.

So the solution to this is to use NGINX's new stream module that is used for handling raw TCP traffic and setup your upstream server to point to mongodb instance.

More Info : NGINX stream module

You're right, you need to use NGINX's stream module by adding a stream section to your .conf file:

stream {
    server {
        listen  <your incoming Mongo TCP port>;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
        proxy_pass    stream_mongo_backend;
    }

    upstream stream_mongo_backend {
      server <localhost:your local Mongo TCP port>;
  }
}

Adding onto @Néstor's answer, this config should be written to /etc/nginx.conf just above http section, like this:

stream {
    server {
        listen  <your incoming Mongo TCP port>;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
        proxy_pass    stream_mongo_backend;
    }

    upstream stream_mongo_backend {
        server <localhost:your local Mongo TCP port>;
    }
}

http {
    ...
}

You should NEVER write it into a .conf file and put the file into /etc/nginx/sites-available folder. Because any config info in the /etc/nginx/sites-available folder belong to the http section.

If you connect to your local instance of mongodb via the usual default ip values it should connect:mongo 10.8.8.10

The issue is with resolving the address via the mongodb shell which is not happening.