Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 7 Jul 2019 18:27:26 +0200
From:      freebsd@boosten.org
To:        David Mehler <dave.mehler@gmail.com>
Cc:        freebsd-questions <freebsd-questions@freebsd.org>
Subject:   Re: reverse proxy?
Message-ID:  <9F380DB8-DC9C-4580-B70D-09D2FF03EC9B@boosten.org>
In-Reply-To: <CAPORhP4Co1yaoLAmw4c4bbSqxRfysjjMDVW6nOk78n2dWRMK4w@mail.gmail.com>
References:  <CAPORhP4Co1yaoLAmw4c4bbSqxRfysjjMDVW6nOk78n2dWRMK4w@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 


> Op 7 jul. 2019, om 18:15 heeft David Mehler <dave.mehler@gmail.com> =
het volgende geschreven:
>=20
> Hello,
>=20
> Is anyone got a http/https reverse proxy going in a setup similar to
> the below, either haproxy, squid, or nginx, nginx preferred?
>=20
> I've got a host system that well it will have several jails on it each
> running a web server, all jails are on the lo1 interface, each has
> their own ip and each web server is running on port 80 at least, and
> some also are on port 443.
>=20
> If a request comes in for www.domain1.com it should be sent to server
> 1, https://www.domain2.com should go to server 2 and ssl.
>=20
> Currently i've got pf rules and rdrs accomplishing this but I think it
> would be cleaner for a reverse proxy to handle this.
>=20

Hi,

I was the one suggesting a reverse proxy for your previous problem. I =
tried nginx, and was surprised by its simplicity.

I created a jail, installed nginx via =E2=80=98pkg install nginx=E2=80=99,=
 modified nginx.conf and added this:

    server {
        listen 192.168.13.21:81;
        server_name sickbeard.boosten.org;
       =20
        location / {
          proxy_pass http://ra.boosten.org:8082/;
          proxy_set_header X-Real-IP $remote_addr;
        }
    }

    server {
        listen 192.168.13.21:81;
        server_name sabnzbd.boosten.org;
       =20
        location / {
          proxy_pass http://ra.boosten.org:8080/;
          proxy_set_header X-Real-IP $remote_addr;
        }
    }

(FQDNs are any reachable from my internal net, so is the nginx jail, so =
you don=E2=80=99t have to try :))

Whenever the host in the http 1.1 request is sickbeard.boosten.org, it =
redirects to another machine on port 8082.
Same applies to sabnzbd.boosten.org <http://sabnzbd.boosten.org/>. Of =
course, where you connect to is entirely up to you.

Peter

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9F380DB8-DC9C-4580-B70D-09D2FF03EC9B>