Difference between revisions of "Reverse Proxy"

From East Essex Hackspace
Jump to navigation Jump to search
 
(One intermediate revision by the same user not shown)
Line 4: Line 4:
  
 
Host, port and path based routing is possible.
 
Host, port and path based routing is possible.
 +
 +
Currently only path based routing is implemented. Changes to the config will be needed to allow host based routing, and port based routing would require further work.
  
 
== Configuration ==
 
== Configuration ==
Line 10: Line 12:
 
== Traffic Path ==
 
== Traffic Path ==
  
user -> https://<something>.eehack.space -> cloudflare proxy with forced TLS termination -> EEH_IP:80 (http) -> Mikrotik Router Nat 80:2095 whitelisting only cloudflare IPs -> docker_ip:2095 -> nginx container 2095:80 then routed via path or host based routing to final destination
+
user -> https://<something>.eehack.space -> cloudflare proxy with forced TLS termination -> EEH_IP:80 (http) -> Mikrotik Router Nat 80:2095 whitelisting only cloudflare IPs -> docker_ip:2095 -> nginx container 2095:80 then proxied via path or host based routing to final destination

Latest revision as of 09:44, 8 July 2021

Reverse Proxy

Is a reverse proxy using nginx to present services hosted on the internal servers to the internet.

Host, port and path based routing is possible.

Currently only path based routing is implemented. Changes to the config will be needed to allow host based routing, and port based routing would require further work.

Configuration

https://github.com/eehackspace/eeh-reverse-proxy

Traffic Path

user -> https://<something>.eehack.space -> cloudflare proxy with forced TLS termination -> EEH_IP:80 (http) -> Mikrotik Router Nat 80:2095 whitelisting only cloudflare IPs -> docker_ip:2095 -> nginx container 2095:80 then proxied via path or host based routing to final destination