Différences

Ci-dessous, les différences entre deux révisions de la page.

--- resume-technique:reverse-proxy:reverse-proxy-main [25/05/2025 22:29] – fail2ban will not work with iptables - work in progress Fabien Duchaussois
+++ resume-technique:reverse-proxy:reverse-proxy-main [13/02/2026 19:50] (Version actuelle) – Daneel Olivaw
@@ Ligne 181: / Ligne 181: @@
 server {
 # a very simple reverse proxy to port 80 : forcing https and redirect will be handle by upstream
-        listen 80 ;
+    listen 80 ;
-        listen [::]:80 ;
+    listen [::]:80 ;
-        server_name subdomain1.mydomain.org subdomain2.mydomain.org;
+    server_name subdomain1.mydomain.org subdomain2.mydomain.org;
-        access_log /var/log/nginx/mydomain.org-access.log;
+    access_log /var/log/nginx/mydomain.org-access.log;
-        error_log /var/log/nginx/mydomain.org-error.log;
+    error_log /var/log/nginx/mydomain.org-error.log;
-        location / {
+    location / {
-# handle real ip and send it to backend
+        # handle real ip, and send request to backend
-       include proxy.conf;
+        include proxy.conf;
-       proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Real-IP $remote_addr;
-       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-       proxy_pass http://[upstreamserver]/; #Please replace [upstreamserver] with your backend application server internal ip or internal dns name.
+        proxy_pass http://_REPLACE_WITH_BACKEND_IP_OR_HOST_/; # backend application server internal address
     }
 }
@@ Ligne 258: / Ligne 256: @@
     # Manage real ip from proxy protocol to get original client ip
-    # Please Replace [REVERSEPROXY_IP] with inernal IPV4 of your reverse proxy.
+    # Please Replace [REVERSEPROXY_IP] with internal IPV4 of your reverse proxy.
     set_real_ip_from [REVERSEPROXY_IP];
     real_ip_header proxy_protocol;
@@ Ligne 281: / Ligne 279: @@
 <code apache>
-# Please Replace [REVERSEPROXY_IP] with inernal IPV4 of your reverse proxy.
+# Please Replace [REVERSEPROXY_IP] with internal IPV4 of your reverse proxy.
 RemoteIPHeader X-Forwarded-For
 RemoteIPInternalProxy [REVERSEPROXY_IP]/32
@@ Ligne 314: / Ligne 312: @@
 We assume that a reverse proxy is configured as described above to proxy to Yunohost. For security purpose, for tracing connexion, configuration is simply modified to get browser real IP with X-Real-IP headers.
-First, create a custom snippet. Please Replace [REVERSEPROXY_IP] with inernal IPV4 of your reverse proxy.
+First, create a custom snippet. Please Replace [REVERSEPROXY_IP] with internal IPV4 of your reverse proxy.
 /etc/nginx/snippets/YunoHost_behind_http_RP.inc
@@ Ligne 326: / Ligne 324: @@
 </file>
-In all nginx configuration file, simply include this snippet in server directive on port 80 :
+In all nginx configuration file, include this snippet in server directive on port 80 :
 <code nginx>
 server {
     listen 80;
     listen [::]:80;
-    server_name yunohost.mydomain.test;
+    server_name yunohost.mydomain.test *.yunohost.mydomain.test;
     # YunoHost behind http Reverse Proxy
@@ Ligne 349: / Ligne 347: @@
-Create a custom snippet. Please Replace [YUNOHOST_INTERFACE_IP] with internal IPV4 of YunoHost interface listening on https behind Reverse Proxy. Please Replace [REVERSEPROXY_IP] with inernal IPV4 of your reverse proxy.
+Create a custom snippet. Please Replace [YUNOHOST_INTERFACE_IP] with internal IPV4 of YunoHost interface listening on https behind Reverse Proxy. Please Replace [REVERSEPROXY_IP] with internal IPV4 of your reverse proxy.
 /etc/nginx/snippets/YunoHost_behind_https_TLSPT_RP.inc
@@ Ligne 361: / Ligne 359: @@
 # Manage real ip from proxy protocol to get original client ip
 # for interface using proxy_protocol
-# Please Replace [REVERSEPROXY_IP] with inernal IPV4 of your reverse proxy.
+# Please Replace [REVERSEPROXY_IP] with internal IPV4 of your reverse proxy.
 set_real_ip_from [REVERSEPROXY_IP];
 real_ip_header proxy_protocol;