|
|
| (16 intermediate revisions by 4 users not shown) |
| Line 1: |
Line 1: |
| <!------------------------> | | <!------------------------> |
| <!-- do not remove this --> | | <!-- do not remove this --> |
| <div id="infra##" class="infra-insert"> | | <div id="Infra Insert 02" class="infra-insert"> |
| <!------------------------> | | <!------------------------> |
|
| |
|
| '''Nginx for Reverse Proxy'''
| | proxy_add_x_forwarded_for; </br> |
| | | proxy_set_header X-Forwarded-Proto $scheme; |
| Make sure you have installed Nginx.
| |
| | |
| $ apt install nginx
| |
| | |
| Note: packages are saved by default in your user's home directory.
| |
| | |
| If you went to the IP address of your pi in web browser on a device that was on the same wifi network as the pi you would be able to see the default Nginx site already! Where is that coming from?
| |
| | |
| Well, Nginx will create some default html files on installation, to find that HTML index page in your file system on the pi, change directory :
| |
| | |
| $ cd /var/www/html
| |
| | |
| The default html document will be named index.nginx-debian.html which you can see if you run the ls command now.
| |
| | |
| The default configuration file for this simple static site can be found here:
| |
| | |
| cd /etc/nginx/sites-enabled
| |
| | |
| | |
| '''Reverse Proxy Configuration'''
| |
| | |
| | |
| Add an nginx config file at /etc/nginx/sites-available/<SERVERNAME>.conf
| |
| | |
| To do this use the command
| |
| | |
| cd /ect/nginx/
| |
| nano sites-available/<NETNAME>.conf
| |
| Ours looks like:
| |
| | |
| cd /ect/nginx/
| |
| nano sites-available/systerserver.conf
| |
| Choosing your NGINX reverse proxy setup is very much up to you but we will show to setups, a simple one with just http, and a more secure and standard one with https redirect and certificate.
| |
| | |
| simple http conf:
| |
| | |
| server {
| |
| # listen to http on port 80
| |
| listen 80;
| |
| listen [::]:80;
| |
| # listen to url
| |
| server_name servpub.net;
| |
| | |
| # linking the client to the vpn subnet ip address of the pi
| |
| location / {
| |
| proxy_set_header Host $host;
| |
| proxy_set_header X-Real-IP $remote_addr;
| |
| proxy_set_header X-Forwarded-For
| |
| $proxy_add_x_forwarded_for;
| |
| proxy_set_header X-Forwarded-Proto $scheme;
| |
| | |
| # replace this with the user vpn subnet ip adress you set earlier
| |
| proxy_pass http://10.10.12.51;
| |
| proxy_read_timeout 90;
| |
| }
| |
|
| |
| location / {
| |
| rewrite ^ https://$host$request_uri? permanent;
| |
| }
| |
| }
| |
| | |
| More can be found here: https://git.systerserver.net/queer/networks
| |
|
| |
|
| <!------------------------> | | <!------------------------> |