Clever Geek Handbook

Nginx to open internal http service as https subdomain

I found some partial answers on this site and similar ones, but I couldn't figure out how to put them together, or maybe there is an answer and I can't recognize it: - /

What I am trying to achieve:

I have a http service running on my local network (I have dnsmasq setup accordingly):

http://subdomain1.domain.com:1234/

and I would like to expose it as internet (also external DNS works fine):

https://subdomain2.domain.com:443/

with user authentication handled by nginx.

I also want (should?) Keep the url visible in the browser unmodified.

I tried several combinations of what I found from similar questions, but something like me is slipping away.

This is my final try:

ssl_certificate /var/www/domain.com/domain_com.crt;
ssl_certificate_key /var/www/domain.com/domain_com.key;

server {
        listen   443 default_server;
        server_name subdomain1.domain.com;

        location / {
                auth_basic "Restricted";
                auth_basic_user_file /var/www/domain.com/domain.com.passwords;

                proxy_pass              http://subdomain1.domain.com:1234/;
                proxy_set_header        Host    $http_host;
                # proxy_set_header        X-Real-IP       $remote_addr;
                # proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_redirect          https://subdomain2.domain.com/       http://subdomain1.domain.me:1234/;
        }
}

I get: "Error 107 (net :: ERR_SSL_PROTOCOL_ERROR): SSL protocol error."

Update:

I think I found a solution, but a review would be appreciated anyway. This also overwrites the http access to go through https.

ssl_certificate /var/www/domain.com/domain_com.crt;
ssl_certificate_key /var/www/domain.com/domain_com.key;

server {
        listen   80;
        server_name subdomain1.domain.com;
        rewrite ^ https://$server_name$request_uri? permanent;
}

server {
        listen   443;
        ssl on;
        server_name subdomain1.domain.com;

        location / {
                auth_basic "Restricted";
                auth_basic_user_file /var/www/domain.com/domain.com.passwords;

                proxy_pass              http://subdomain2.domain.com:1234/;
                proxy_set_header        Host    $host;
                proxy_set_header        X-Real-IP       $remote_addr;
                proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header        X-Forwarded-Proto       $scheme;
                add_header              Front-End-Https         on;
                proxy_redirect          off;
        }
}
+3


source to share


No one has answered this question yet

Check out similar questions:



More articles:


All Articles