NGINX https proxy voor Domoticz

Posted by ronald on februari 8, 2022 in Nieuws |

In dit bericht laat ik zien hoe ik de NGINX als loadbalancer/proxy voor Domoticz zet.

Voordeel:

  • Laat NGINX zorgen voor certificaten en security
  • Losse backend host of docker container met daarop Domoticz.

 

Maak in /etc/nginx/sites-enabled een bestand domoticz met daarin de volgende virtual host definitie.

# HTTPS server Domoticz
#
map $http_upgrade $connection_upgrade {
  default upgrade;
  '' close;
}
server {
  listen 1443 http2 ssl;
  server_name nginx.localhost.com;

  root html;
  index index.html index.htm;
  access_log /var/log/nginx/domoticz.log;

  ssl_certificate /etc/letsencrypt/live/nginx.localhost.com/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/nginx.localhost.com/privkey.pem;
  ssl_session_timeout 5m;
  ssl_protocols TLSv1.2;
  ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
  ssl_prefer_server_ciphers on;
  # Ensure this line points to your dhparams file
  ssl_dhparam /etc/nginx/ssl/dhparams.pem;

  proxy_buffering off;

  location / {
    proxy_pass http://192.168.2.7:8080;
    proxy_set_header Host $host;
    proxy_redirect http:// https://;
    proxy_http_version 1.1;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $connection_upgrade;
  }
}

Copyright © 2012-2022 Dutch Ronaldo All rights reserved.
This site is using the Desk Mess Mirrored theme, v2.5, from BuyNowShop.com.