Reverse-Proxy: Difference between revisions
From FlowerHouseWiki
No edit summary |
No edit summary |
||
| Line 42: | Line 42: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
<p>In my installation I separated many config files for better overview</p> | <p>In my installation I separated many config files for better overview:</p> | ||
/home/caddy/ | <syntaxhighlight lang="console"> | ||
├─ Caddyfile | /home/caddy/ | ||
├─ auth/ | ├─ Caddyfile | ||
│ ├─ local/ | ├─ auth/ | ||
│ │ ├─ users.json | │ ├─ local/ | ||
├─ lxc/ | │ │ ├─ users.json | ||
│ ├─ 101_adguard | ├─ lxc/ | ||
│ ├─ 102_reverse_proxy | │ ├─ 101_adguard | ||
│ ├─ ... | │ ├─ 102_reverse_proxy | ||
├─ network | │ ├─ ... | ||
├─ security | ├─ network | ||
├─ vm/ | ├─ security | ||
│ ├─ 200_truenas | ├─ vm/ | ||
│ ├─ 201_home_assitant | │ ├─ 200_truenas | ||
│ ├─ ...< | │ ├─ 201_home_assitant | ||
│ ├─ ... | |||
</syntaxhighlight> | |||
<p></p> | <p></p> | ||
Revision as of 23:01, 11 February 2023
Reverse-Proxy-LXC
| IP: | 192.168.88.3 |
|---|---|
| MAC: | 56:59:71:B1:85:BC |
| OS: | Debian Bullseye |
|---|---|
| Files: | x |
| RAM: | 1024MB |
| Cores: | 1 |
| Privileged: | No |
The ReverseProxy is reachable under 192.168.88.3 which is located in the ServerVLAN.
Every incoming packages from outside are forwarded to this IP.
The ReverseProxy also forces outside connections to use HTTPS/SSL and will provide a SSL-Certificate.
Previously Nginx Proxy Manager and Authelia was used for ReverseProxy: Guide
Now Caddy2 is used for the ReverseProxy, because it's more stable and integrated
Caddy Installation
Download Caddy2 with Security Plugin
Copy binary to directory
mv ./caddy_linux_amd64_custom /usr/bin/caddy
Create user and group
addgroup caddy
adduser --system caddy
adduser caddy caddy
Set permissions for binary
chown caddy:caddy /usr/bin/caddy
chmod 770 /usr/bin/caddy
Create caddy file
nano /home/caddy/Caddyfile
In my installation I separated many config files for better overview:
/home/caddy/
├─ Caddyfile
├─ auth/
│ ├─ local/
│ │ ├─ users.json
├─ lxc/
│ ├─ 101_adguard
│ ├─ 102_reverse_proxy
│ ├─ ...
├─ network
├─ security
├─ vm/
│ ├─ 200_truenas
│ ├─ 201_home_assitant
│ ├─ ...
