reverse proxy?

Sun Jul 7 16:27:38 UTC 2019

> Op 7 jul. 2019, om 18:15 heeft David Mehler <dave.mehler at gmail.com> het volgende geschreven:
> 
> Hello,
> 
> Is anyone got a http/https reverse proxy going in a setup similar to
> the below, either haproxy, squid, or nginx, nginx preferred?
> 
> I've got a host system that well it will have several jails on it each
> running a web server, all jails are on the lo1 interface, each has
> their own ip and each web server is running on port 80 at least, and
> some also are on port 443.
> 
> If a request comes in for www.domain1.com it should be sent to server
> 1, https://www.domain2.com should go to server 2 and ssl.
> 
> Currently i've got pf rules and rdrs accomplishing this but I think it
> would be cleaner for a reverse proxy to handle this.
> 

Hi,

I was the one suggesting a reverse proxy for your previous problem. I tried nginx, and was surprised by its simplicity.

I created a jail, installed nginx via ‘pkg install nginx’, modified nginx.conf and added this:

    server {
        listen 192.168.13.21:81;
        server_name sickbeard.boosten.org;

        location / {
          proxy_pass http://ra.boosten.org:8082/;
          proxy_set_header X-Real-IP $remote_addr;
        }
    }

    server {
        listen 192.168.13.21:81;
        server_name sabnzbd.boosten.org;

        location / {
          proxy_pass http://ra.boosten.org:8080/;
          proxy_set_header X-Real-IP $remote_addr;
        }
    }

(FQDNs are any reachable from my internal net, so is the nginx jail, so you don’t have to try :))

Whenever the host in the http 1.1 request is sickbeard.boosten.org, it redirects to another machine on port 8082.
Same applies to sabnzbd.boosten.org <http://sabnzbd.boosten.org/>. Of course, where you connect to is entirely up to you.

Peter