Neoon's Wiki

User Tools

Site Tools

Trace: proxmox_nginx
proxmox_nginx

This is an old revision of the document!

Copy this file to /etc/nginx/sites-enabled/proxmox 

server {
  listen 443;
  server_name yourserver.yourdomain.com;
  
  ssl on;
  ssl_certificate /etc/nginx/ssl/ssl.crt;
  ssl_certificate_key /etc/nginx/ssl/ssl.key;
  
  proxy_redirect off;
  location / {
      proxy_set_header X-Forwarded-Proto https;
      proxy_pass https://127.0.0.1:8006;
      
      proxy_http_version 1.1;
      proxy_set_header Connection $http_connection;
      proxy_set_header Origin http://$host;
      proxy_set_header Upgrade $http_upgrade;
  }
}

Make sure you replace ssl_certificate and ssl_certificate_key

Restart Nginx: service nginx restart, it should return no errors.

Second step, Turn the pveproxy to localhost only. Copy this file to: /etc/default/pveproxy 

ALLOW_FROM="127.0.0.1"
DENY_FROM="all"
POLICY="allow"

Restart pveproxy: service pveproxy

https://YOURIP:8006 should be not more reachable.

proxmox_nginx.1468750468.txt.gz · Last modified: 2021/11/25 22:43 (external edit)
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki