Hello,
I've set up an nginx proxy in front of PVE (and the apache server). It works great. I can have access to the console without any other port openings than ports 80/443 to my hypervisors, I can manage all hypervisors from only one server (cf thread http://forum.proxmox.com/threads/7958-advices-on-cluster-setup)
Here is the how to :
It should be ok ! (i've tested that on a debian squeeze with proxmox installed after).
I've set up an nginx proxy in front of PVE (and the apache server). It works great. I can have access to the console without any other port openings than ports 80/443 to my hypervisors, I can manage all hypervisors from only one server (cf thread http://forum.proxmox.com/threads/7958-advices-on-cluster-setup)
Here is the how to :
- disable pve-redirect.conf virtualhost from apache
Code:
a2dissite pve-redirect.conf- prevent apache to listen on port 80/443
- install nginx
Code:
aptitude install nginx- add the configuration for nginx in /etc/nginx/sites-available/proxy.conf
Code:
server {
listen 80;
rewrite ^(.*) https://$host$1 permanent;
}
server {
listen 443;
server_name _;
ssl on;
ssl_certificate /etc/pve/local/pve-ssl.pem;
ssl_certificate_key /etc/pve/local/pve-ssl.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
location / {
proxy_pass https://127.0.0.1:8006 ;
}
}- enable the proxy :
Code:
ln -s /etc/nginx/sites-available/proxy.conf /etc/nginx/sites-enabled/proxy- restart apache and start nginx
Code:
service apache2 restart ; service nginx startIt should be ok ! (i've tested that on a debian squeeze with proxmox installed after).
Last edited: