We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
VestaCP as Reverse Proxy to additional servers
VestaCP as Reverse Proxy to additional servers
Hey,
At home I have a DL380 runnin ESXi 6.5 with 4 virtual machines.
One of those virtual machines is running VestaCP, all other machines have their own web interfaces.
I only have one domain and 1 WAN IP address.
mydomain.com comes out on the VestaCP machine.
Now I would like to have sub1.mydomain.com to go to one of those other machines.
Is there a way to manage this from VestaCP?
Thanks in advance.
At home I have a DL380 runnin ESXi 6.5 with 4 virtual machines.
One of those virtual machines is running VestaCP, all other machines have their own web interfaces.
I only have one domain and 1 WAN IP address.
mydomain.com comes out on the VestaCP machine.
Now I would like to have sub1.mydomain.com to go to one of those other machines.
Is there a way to manage this from VestaCP?
Thanks in advance.
-
- Support team
- Posts: 1096
- Joined: Sat Sep 06, 2014 9:58 pm
- Contact:
- Os: Debian 8x
- Web: apache + nginx
Re: VestaCP as Reverse Proxy to additional servers
this has been discussed atleast a 100 times... pls use search, or even Google change VestaCP default domain
Re: VestaCP as Reverse Proxy to additional servers
I had some trouble achieving this at first, but after i read up a bit on how nginx works and how vesta handles things i came up with a custom template.
SSH to your machine and create a file called "proxy19216803.tpl" and one with the same name except it should have the file extension .stpl in the folder /usr/local/vesta/data/templates/web/nginx
The way I did it as I also wanted to force https is that I in the .tpl file put the following (from the force https template found elsewhere).
And in the .stpl file I put the following:
You can probably remove most of the different locations except / in the .stpl file, but it does not interfer with my present config, so I just left it there.
What you then do is log in to VestaCP web panel, and choose "proxy support" in the settings of your subdomain and then in the proxy template choose the one with the name proxy19216803. What this does is that it will use the template you created and set up nginx to use it for your domain.
SSH to your machine and create a file called "proxy19216803.tpl" and one with the same name except it should have the file extension .stpl in the folder /usr/local/vesta/data/templates/web/nginx
The way I did it as I also wanted to force https is that I in the .tpl file put the following (from the force https template found elsewhere).
Code: Select all
server {
listen %ip%:%proxy_port%;
server_name %domain_idn% %alias_idn%;
location / {
rewrite ^(.*) https://%domain_idn%$1 permanent;
}
}
Code: Select all
server {
listen %ip%:%proxy_ssl_port%;
server_name %domain_idn% %alias_idn%;
ssl on;
ssl_certificate %ssl_pem%;
ssl_certificate_key %ssl_key%;
error_log /var/log/%web_system%/domains/%domain%.error.log error;
location / {
proxy_pass https://192.168.0.3:443/;
}
location /error/ {
alias %home%/%user%/web/%domain%/document_errors/;
}
location @fallback {
proxy_pass https://%ip%:%web_ssl_port%;
}
location ~ /\.ht {return 404;}
location ~ /\.svn/ {return 404;}
location ~ /\.git/ {return 404;}
location ~ /\.hg/ {return 404;}
location ~ /\.bzr/ {return 404;}
include %home%/%user%/conf/web/snginx.%domain%.conf*;
}
What you then do is log in to VestaCP web panel, and choose "proxy support" in the settings of your subdomain and then in the proxy template choose the one with the name proxy19216803. What this does is that it will use the template you created and set up nginx to use it for your domain.
Re: VestaCP as Reverse Proxy to additional servers
Just wanted to say thanks for that. I better understand now how VestaCP does it's reverse proxy.
-
- Posts: 5
- Joined: Sat Aug 20, 2016 12:58 pm
Re: VestaCP as Reverse Proxy to additional servers
I have been trying to get this working and not having much luck.jotab wrote: ↑Wed Feb 01, 2017 2:38 pmI had some trouble achieving this at first, but after i read up a bit on how nginx works and how vesta handles things i came up with a custom template.
SSH to your machine and create a file called "proxy19216803.tpl" and one with the same name except it should have the file extension .stpl in the folder /usr/local/vesta/data/templates/web/nginx
The way I did it as I also wanted to force https is that I in the .tpl file put the following (from the force https template found elsewhere).
And in the .stpl file I put the following:Code: Select all
server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; location / { rewrite ^(.*) https://%domain_idn%$1 permanent; } }
You can probably remove most of the different locations except / in the .stpl file, but it does not interfer with my present config, so I just left it there.Code: Select all
server { listen %ip%:%proxy_ssl_port%; server_name %domain_idn% %alias_idn%; ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass https://192.168.0.3:443/; } location /error/ { alias %home%/%user%/web/%domain%/document_errors/; } location @fallback { proxy_pass https://%ip%:%web_ssl_port%; } location ~ /\.ht {return 404;} location ~ /\.svn/ {return 404;} location ~ /\.git/ {return 404;} location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} include %home%/%user%/conf/web/snginx.%domain%.conf*; }
What you then do is log in to VestaCP web panel, and choose "proxy support" in the settings of your subdomain and then in the proxy template choose the one with the name proxy19216803. What this does is that it will use the template you created and set up nginx to use it for your domain.
I am wanting to forward certain domains to different local machines.
If I set a domain to use the proxy template as you outlined above, the http://<somedomain>.com gets passed to the local ip/server as expected.
But, when I try to access the https://<somedomain>.com version I get a 500 Internal Server Error.
Hoping you may be able to provide some guidance? I don't see anything obvious in the logs.
Thanks!