Vesta Control Panel - Forum

Community Forum
https://forum.vestacp.com/

VestaCP as Reverse Proxy to additional servers

https://forum.vestacp.com/viewtopic.php?f=11&t=13779

Page 1 of 1

VestaCP as Reverse Proxy to additional servers

Posted: Tue Jan 31, 2017 2:15 pm
by MooFz
Hey,

At home I have a DL380 runnin ESXi 6.5 with 4 virtual machines.
One of those virtual machines is running VestaCP, all other machines have their own web interfaces.
I only have one domain and 1 WAN IP address.

mydomain.com comes out on the VestaCP machine.
Now I would like to have sub1.mydomain.com to go to one of those other machines.
Is there a way to manage this from VestaCP?

Thanks in advance.

Re: VestaCP as Reverse Proxy to additional servers

Posted: Tue Jan 31, 2017 2:54 pm
by mehargags
this has been discussed atleast a 100 times... pls use search, or even Google change VestaCP default domain

Re: VestaCP as Reverse Proxy to additional servers

Posted: Wed Feb 01, 2017 2:38 pm
by jotab
I had some trouble achieving this at first, but after i read up a bit on how nginx works and how vesta handles things i came up with a custom template.

SSH to your machine and create a file called "proxy19216803.tpl" and one with the same name except it should have the file extension .stpl in the folder /usr/local/vesta/data/templates/web/nginx

The way I did it as I also wanted to force https is that I in the .tpl file put the following (from the force https template found elsewhere).

Code: Select all

server {
    listen      %ip%:%proxy_port%;
    server_name %domain_idn% %alias_idn%;
    location / {
        rewrite ^(.*) https://%domain_idn%$1 permanent;
    }
}
And in the .stpl file I put the following:

Code: Select all

server {
    listen      %ip%:%proxy_ssl_port%;
    server_name %domain_idn% %alias_idn%;
    ssl         on;
    ssl_certificate      %ssl_pem%;
    ssl_certificate_key  %ssl_key%;
    error_log  /var/log/%web_system%/domains/%domain%.error.log error;

    location / {
        proxy_pass      https://192.168.0.3:443/;
    }

    location /error/ {
        alias   %home%/%user%/web/%domain%/document_errors/;
    }

    location @fallback {
        proxy_pass      https://%ip%:%web_ssl_port%;
    }

    location ~ /\.ht    {return 404;}
    location ~ /\.svn/  {return 404;}
    location ~ /\.git/  {return 404;}
    location ~ /\.hg/   {return 404;}
    location ~ /\.bzr/  {return 404;}

    include %home%/%user%/conf/web/snginx.%domain%.conf*;
}
You can probably remove most of the different locations except / in the .stpl file, but it does not interfer with my present config, so I just left it there.

What you then do is log in to VestaCP web panel, and choose "proxy support" in the settings of your subdomain and then in the proxy template choose the one with the name proxy19216803. What this does is that it will use the template you created and set up nginx to use it for your domain.

Re: VestaCP as Reverse Proxy to additional servers

Posted: Tue Nov 07, 2017 4:42 am
by dv8inpp1
Just wanted to say thanks for that. I better understand now how VestaCP does it's reverse proxy.

Re: VestaCP as Reverse Proxy to additional servers

Posted: Fri Mar 08, 2019 4:07 pm
by pistolgrip
jotab wrote:
Wed Feb 01, 2017 2:38 pm
 I had some trouble achieving this at first, but after i read up a bit on how nginx works and how vesta handles things i came up with a custom template.

SSH to your machine and create a file called "proxy19216803.tpl" and one with the same name except it should have the file extension .stpl in the folder /usr/local/vesta/data/templates/web/nginx

The way I did it as I also wanted to force https is that I in the .tpl file put the following (from the force https template found elsewhere).

Code: Select all

server {
    listen      %ip%:%proxy_port%;
    server_name %domain_idn% %alias_idn%;
    location / {
        rewrite ^(.*) https://%domain_idn%$1 permanent;
    }
}
And in the .stpl file I put the following:

Code: Select all

server {
    listen      %ip%:%proxy_ssl_port%;
    server_name %domain_idn% %alias_idn%;
    ssl         on;
    ssl_certificate      %ssl_pem%;
    ssl_certificate_key  %ssl_key%;
    error_log  /var/log/%web_system%/domains/%domain%.error.log error;

    location / {
        proxy_pass      https://192.168.0.3:443/;
    }

    location /error/ {
        alias   %home%/%user%/web/%domain%/document_errors/;
    }

    location @fallback {
        proxy_pass      https://%ip%:%web_ssl_port%;
    }

    location ~ /\.ht    {return 404;}
    location ~ /\.svn/  {return 404;}
    location ~ /\.git/  {return 404;}
    location ~ /\.hg/   {return 404;}
    location ~ /\.bzr/  {return 404;}

    include %home%/%user%/conf/web/snginx.%domain%.conf*;
}
You can probably remove most of the different locations except / in the .stpl file, but it does not interfer with my present config, so I just left it there.

What you then do is log in to VestaCP web panel, and choose "proxy support" in the settings of your subdomain and then in the proxy template choose the one with the name proxy19216803. What this does is that it will use the template you created and set up nginx to use it for your domain.
I have been trying to get this working and not having much luck.

I am wanting to forward certain domains to different local machines.

If I set a domain to use the proxy template as you outlined above, the http://<somedomain>.com gets passed to the local ip/server as expected.

But, when I try to access the https://<somedomain>.com version I get a 500 Internal Server Error.

Hoping you may be able to provide some guidance? I don't see anything obvious in the logs.

Thanks!
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/