nginx proxy in front of PVE 2.0

jgaret

New Member
Jan 5, 2012
3
0
1
Hello,

I've set up an nginx proxy in front of PVE (and the apache server). It works great. I can have access to the console without any other port openings than ports 80/443 to my hypervisors, I can manage all hypervisors from only one server (cf thread http://forum.proxmox.com/threads/7958-advices-on-cluster-setup)

Here is the how to :
  • disable pve-redirect.conf virtualhost from apache
Code:
a2dissite pve-redirect.conf
  • prevent apache to listen on port 80/443
-> comment everything in /etc/apache2/ports.conf
  • install nginx
Code:
aptitude install nginx
  • add the configuration for nginx in /etc/nginx/sites-available/proxy.conf
Code:
server {
    listen       80;


    rewrite ^(.*) https://$host$1 permanent;


}


server {
    listen       443;
    server_name  _;


    ssl                  on;
    ssl_certificate      /etc/pve/local/pve-ssl.pem;
    ssl_certificate_key  /etc/pve/local/pve-ssl.key;


    ssl_session_timeout  5m;


    ssl_protocols  SSLv2 SSLv3 TLSv1;
    ssl_ciphers  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
    ssl_prefer_server_ciphers   on;


    location / {
        proxy_pass         https://127.0.0.1:8006 ;
    }
}
  • enable the proxy :
Code:
ln -s /etc/nginx/sites-available/proxy.conf /etc/nginx/sites-enabled/proxy
  • restart apache and start nginx
Code:
service apache2 restart ; service nginx start

It should be ok ! (i've tested that on a debian squeeze with proxmox installed after).
 
Last edited: