Reverse-Proxy (old version): Difference between revisions
From FlowerHouseWiki
No edit summary |
No edit summary |
||
Line 1: | Line 1: | ||
<p>The ReverseProxy is reachable under <syntaxhighlight inline>192.168.88.9</syntaxhighlight> which is located in the ServerVLAN. Every incoming packages from outside are forwarded to this IP.</p> | <p>The ReverseProxy is reachable under <syntaxhighlight lang="Bash" inline>192.168.88.9</syntaxhighlight> which is located in the ServerVLAN. Every incoming packages from outside are forwarded to this IP.</p> | ||
<p>The ReverseProxy also forces outside connections to use HTTPS/SSL and will provide a WildCard-Certificate.</p> | <p>The ReverseProxy also forces outside connections to use HTTPS/SSL and will provide a WildCard-Certificate.</p> | ||
<p>Used software:</p> | <p>Used software:</p> |
Revision as of 22:01, 19 February 2021
The ReverseProxy is reachable under 192.168.88.9
which is located in the ServerVLAN. Every incoming packages from outside are forwarded to this IP.
The ReverseProxy also forces outside connections to use HTTPS/SSL and will provide a WildCard-Certificate.
Used software:
Basic Setup
NGINX
Install NGINX and NGINX-Extra
apt install nginx nginx-extras
Deactivate Standard-Site (no Web-Server)
unlink /etc/nginx/sites-enabled/default
Create and paste reverse-proxy.conf
cd /etc/nginx/sites-available
nano reverse-proxy.conf
Activate configuration
ln -s /etc/nginx/sites-available/reverse-proxy.conf /etc/nginx/sites-enabled/reverse-proxy.conf
Check if configuration is legit
nginx -t
Reload configuration
nginx -s reload
certbot
For the automatic generation of SSL-Certificates, certbot will be installed.
For securty reasons, the captive portal Authelia wil be installed.