NGINX:Reverse Proxy: Difference between revisions
Jump to navigation
Jump to search
(Created page with "==Template for new hosts== This template can be used on the majority of virtual hosts within NGINX. To use: # Access your NGINX reverse proxy. # Create the config file at <code>/etc/nginx/conf.d/<file>.conf</code> (Example: <code>touch /etc/nginx/conf.d/gitlab.conf</code>) # Edit the file you created with your favorite text editor - vi, vim, nano, doesn't matter. # Paste in the template below and adjust to your needs. ## Replace HOSTNAME with the actual hostname, e.g. g...") |
No edit summary |
||
| Line 9: | Line 9: | ||
## Replace the IP address in "proxy_pass" with the internal IP address and port of the service you are trying to reach internally. Make note if the service uses http or https and if it uses a non-standard port. | ## Replace the IP address in "proxy_pass" with the internal IP address and port of the service you are trying to reach internally. Make note if the service uses http or https and if it uses a non-standard port. | ||
# Once adjusted, save the file. | # Once adjusted, save the file. | ||
# Run the command nginx -t to test the syntax. If no errors, restart the nginx service. | # Run the command <code>nginx -t</code> to test the syntax. If no errors, restart the nginx service. | ||
# Create a DNS record for the hostname you created and point it to the external IP. Make sure the record resolves. | # Create a DNS record for the hostname you created and point it to the external IP. Make sure the record resolves. | ||
# On your reverse proxy, run the command certbot and then create a certificate for the reverse proxy host you just created. Certbot will automatically request, install, and renew the SSL certificate for you. | # On your reverse proxy, run the command <code>certbot</code> and then create a certificate for the reverse proxy host you just created. Certbot will automatically request, install, and renew the SSL certificate for you. | ||
# That's it! Test your reverse proxy! | # That's it! Test your reverse proxy! | ||
Latest revision as of 04:37, 26 August 2023
Template for new hosts[edit | edit source]
This template can be used on the majority of virtual hosts within NGINX. To use:
- Access your NGINX reverse proxy.
- Create the config file at
/etc/nginx/conf.d/<file>.conf(Example:touch /etc/nginx/conf.d/gitlab.conf) - Edit the file you created with your favorite text editor - vi, vim, nano, doesn't matter.
- Paste in the template below and adjust to your needs.
- Replace HOSTNAME with the actual hostname, e.g. gitlab.example.com (don't forget the semicolon at the end!).
- Replace the IP address in "proxy_pass" with the internal IP address and port of the service you are trying to reach internally. Make note if the service uses http or https and if it uses a non-standard port.
- Once adjusted, save the file.
- Run the command
nginx -tto test the syntax. If no errors, restart the nginx service. - Create a DNS record for the hostname you created and point it to the external IP. Make sure the record resolves.
- On your reverse proxy, run the command
certbotand then create a certificate for the reverse proxy host you just created. Certbot will automatically request, install, and renew the SSL certificate for you. - That's it! Test your reverse proxy!
server {
server_name HOSTNAME;
location / {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
real_ip_header X-Forwarded-For;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://10.12.13.14:8080;
}
listen 80;
}