Reverse Proxy

From East Essex Hackspace
Jump to navigation Jump to search

Reverse Proxy

Is a reverse proxy using nginx to present services hosted on the internal servers to the internet.

Host, port and path based routing is possible.

Currently only path based routing is implemented. Changes to the config will be needed to allow host based routing, and port based routing would require further work.

Configuration

https://github.com/eehackspace/eeh-reverse-proxy

Traffic Path

user -> https://<something>.eehack.space -> cloudflare proxy with forced TLS termination -> EEH_IP:80 (http) -> Mikrotik Router Nat 80:2095 whitelisting only cloudflare IPs -> docker_ip:2095 -> nginx container 2095:80 then proxied via path or host based routing to final destination