Reverse Proxy mit NGINX
Direkte Weiterleitung per HTTP
server {
listen 80;
server_name my.domain.de;
location / {
include /etc/nginx/proxy_params;
proxy_pass http://192.168.2.5:80;
}
}
oder
Umleitung auf HTTPS, danach Weiterleitung an Server:
server {
listen 80;
server_name my.domain.de;
return 301 https://$host$request_uri;
}
Aufbau HTTPS Verbindung, Weiterleitung an Server proxy_params
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# Nur bei HTTPS
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Port 443;
proxy_set_header HTTPS "on";
server {
listen 443 ssl;
server_name my.domain.de;
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
location / {
include /etc/nginx/proxy_params;
proxy_pass http://192.168.2.5:80;
}
client_max_body_size 0;
# Certbot auto-configuration
ssl_certificate /etc/letsencrypt/live/my.domain.de/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/my.domain.de/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
Quellen
https://indibit.de/reverse-proxy-mit-nginx-mehrere-server-hinter-einer-ip-per-subdomain-ansprechen/
https://docs.nginx.com/nginx/admin-guide/web-server/reverse-proxy/
https://www.scaleway.com/en/docs/how-to-configure-nginx-reverse-proxy/