Reverse-Proxy (old version): Difference between revisions
From FlowerHouseWiki
No edit summary |
No edit summary |
||
| Line 9: | Line 9: | ||
=== NGINX === | === NGINX === | ||
<p>Install NGINX and NGINX-Extra</p> | <p>Install NGINX and NGINX-Extra</p> | ||
<syntaxhighlight lang="console">apt install nginx nginx-extras</syntaxhighlight> | <syntaxhighlight lang="console">[root@ReverseProxy]$apt install nginx nginx-extras</syntaxhighlight> | ||
<p>Deactivate Standard-Site (no Web-Server)</p> | <p>Deactivate Standard-Site (no Web-Server)</p> | ||
<syntaxhighlight lang="console">unlink /etc/nginx/sites-enabled/default</syntaxhighlight> | <syntaxhighlight lang="console">unlink /etc/nginx/sites-enabled/default</syntaxhighlight> | ||
Revision as of 22:08, 19 February 2021
The ReverseProxy is reachable under 192.168.88.9 which is located in the ServerVLAN. Every incoming packages from outside are forwarded to this IP.
The ReverseProxy also forces outside connections to use HTTPS/SSL and will provide a WildCard-Certificate.
Used software:
Basic Setup
NGINX
Install NGINX and NGINX-Extra
[root@ReverseProxy]$apt install nginx nginx-extras
Deactivate Standard-Site (no Web-Server)
unlink /etc/nginx/sites-enabled/default
Create and paste reverse-proxy.conf
cd /etc/nginx/sites-available
nano reverse-proxy.conf
Activate configuration
ln -s /etc/nginx/sites-available/reverse-proxy.conf /etc/nginx/sites-enabled/reverse-proxy.conf
Check if configuration is legit
nginx -t
Reload configuration
nginx -s reload
certbot
For the automatic generation of SSL-Certificates, certbot will be installed.
For securty reasons, the captive portal Authelia wil be installed.
