Infra Insert 02: Difference between revisions

This page was last edited on 1 February 2024, at 22:23.
No edit summary
No edit summary
 
(12 intermediate revisions by 3 users not shown)
Line 1: Line 1:
<!------------------------>
<!------------------------>
<!-- do not remove this -->
<!-- do not remove this -->
<div id="infra##" class="infra-insert">
<div id="Infra Insert 02" class="infra-insert">
<!------------------------>
<!------------------------>


'''Nginx for Reverse Proxy'''
proxy_add_x_forwarded_for; </br>
 
proxy_set_header X-Forwarded-Proto $scheme;
Make sure you have installed Nginx.
 
'''$ apt install nginx
'''
 
Note: packages are saved by default in your user's home directory.
 
If you went to the IP address of your pi in a web browser on a device that was on the same wi-fi network as the pi you should be able to see the default Nginx site already.
 
Nginx automatically creates default HTML files on the installation. To find that HTML index page in your file system on the pi, change directory:
 
'''$ cd /var/www/html
'''
 
The default HTML document will be named ''"index.nginx-debian.html"'' which you can see if you run the ls command now.
 
The default configuration file for this simple static site can be found here:
 
'''$ cd /etc/nginx/sites-enabled
'''
 
'''Reverse Proxy Configuration'''
 
 
Add a nginx config file at "/etc/nginx/sites-available/<SERVERNAME>.conf". To do this use the commands:
 
'''$ cd /ect/nginx/
'''
 
'''$ nano sites-available/<NETNAME>.conf
'''
 
Ours looks like this:
 
'''$ cd /ect/nginx/
'''
 
'''$ nano sites-available/systerserver.conf
'''
 
Choosing your NGINX reverse proxy setup is very much up to you.  You can create a simple one with just ''http'', and a more secure and standard one with ''https'' redirect and certificate.
 
Simple http configuration:
 
'''server { <br>
# listen to http on port 80 <br>
listen 80; <br>
listen [::]:80; <br>
# listen to url <br>
server_name servpub.net; <br>
 
# linking the client to the vpn subnet ip address of the pi <br>
location / {<br>
proxy_set_header Host $host;<br>
proxy_set_header X-Real-IP $remote_addr;<br>
proxy_set_header X-Forwarded-For<br>
$proxy_add_x_forwarded_for;<br>
proxy_set_header X-Forwarded-Proto $scheme;<br>
 
# replace this with the user vpn subnet ip address you set earlier <br>
proxy_pass http://10.10.12.51;<br>
proxy_read_timeout 90;<br>
}<br>
location / {<br>
rewrite ^ https://$host$request_uri? permanent;<br>
}<br>
}'''
 
More can be found here: https://git.systerserver.net/queer/networks


<!------------------------>
<!------------------------>

Latest revision as of 22:23, 1 February 2024

proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;