NGINX Reverse Proxy for Proxmox WebUI on domain path

Discussion in 'Proxmox VE: Installation and configuration' started by Rudde, Feb 22, 2016.

  1. Rudde

    Rudde New Member

    Joined:
    Aug 25, 2014
    Messages:
    8
    Likes Received:
    0
    Hello!

    My server is running nginx delivering my web content hosted on various ports through port 80 and 443 on my domain, and I usually run a /path for each service.

    I have one Proxmox server and it won't grow right now so I only need this to be compatible with one server.

    I want my https://*INTERNAL IP*:8006 to be server through https://mydomain.com/admin on port 443 and 80 if possible, if not possible I want port 80 connections to be redirected to https.

    I've seen some guide on doing this on path / but not any other and I can't configure those to work with /admin, is there any headers I have to rewrite for /admin?

    My proxmox server is running with the default self-signed cert, my nginx instance have a valid SSL certificate, that is the certificate I want my users exposed to.
     
  2. udo

    udo Well-Known Member
    Proxmox VE Subscriber

    Joined:
    Apr 22, 2009
    Messages:
    5,676
    Likes Received:
    143
    Hi,
    I think not that this will work... because you need the SSL traffic for the console-traffic too.
    But if your valid cert is an wildcard cert, you can put this on the pve-server too and give perhaps simply an redirect with nginx?! (I know, that is not your goal).

    Udo
     
  3. Rudde

    Rudde New Member

    Joined:
    Aug 25, 2014
    Messages:
    8
    Likes Received:
    0
    Can't I get nginx to decrypt the console traffic and reencrypt it with it's own cert? I only have one subdomain in this network, my ultimate goal is to deliver the proxmox webif on port 443 outside of my NAT without having to take down my other services since I only have one global IP to work with.
     
  4. udo

    udo Well-Known Member
    Proxmox VE Subscriber

    Joined:
    Apr 22, 2009
    Messages:
    5,676
    Likes Received:
    143
    Hi,
    don't know nginx good enough... but look here about the ports: http://pve.proxmox.com/wiki/Ports

    Udo
     
  5. vkhera

    vkhera Member
    Proxmox VE Subscriber

    Joined:
    Feb 24, 2015
    Messages:
    192
    Likes Received:
    10
    The SSL parts are no problem for the reverse proxy. The trick is to get PVE to know that it is rooted at "/admin" not "/" so any URLs it produces are correct. If it always emits relative URLs (none of which start with "/") it should pretty much work, but I wouldn't count on it.

    I know in Apache with the reverse proxy there is a filter you can apply that adjusts any URLs in the returned response for you. I do not know if nginx has that. The directive in Apache is "ProxyPassReverse", but I don't think it meddles with URLs within the document, only the headers. Perhaps using a similar feature would help you here.
     
  6. Rudde

    Rudde New Member

    Joined:
    Aug 25, 2014
    Messages:
    8
    Likes Received:
    0
    So I've looked at the headers when using proxy_revers and it seems your right, it try to load a lot of recourse from domain.com/pve when I'm accessing from domain.com/admin and the recourses would be under admin/
     
  7. omitted

    omitted New Member

    Joined:
    Mar 24, 2016
    Messages:
    17
    Likes Received:
    0
  8. GeoHolz

    GeoHolz New Member

    Joined:
    Apr 11, 2018
    Messages:
    4
    Likes Received:
    0
    Hello,
    I'm trying to do the same.
    Anybody got any ideas?
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice