Set nginx reverse proxy for FusionAuth Topic is solved

[gregorio]

Hi,
I'm new to VestaCp, but I really like this solution.
I'm trying to setup a reverse proxy to access FusionAuth that runs on port 9011, localhost.

I tried to setup a template

Code: Select all

funsionauth.tpl

in:

Code: Select all

/usr/local/vesta/data/templates/web/nginx

With the code:

Code: Select all

server {
    listen       %ip%:%proxy_port% default;
    server_name  _;
    #access_log  /var/log/nginx/%ip%.log main;
    location / {
        proxy_pass  http://localhost:9011;
   }
}

But I can't find it in the VestaCP UI:


Thanks,
Gregorio

[grayfolk]

Move template .tpl and .stpl files to /usr/local/vesta/data/templates/web/nginx/php-fpm

[gregorio]

Thanks, done.

If anyone can use it, here are the templates to host the FusionAuth application, forcing SSL:

File fusionauth.tpl:

Code: Select all

server {
    listen      %ip%:%web_port%;
    server_name %domain_idn% %alias_idn%;
    
    location / {
        rewrite ^(.*) https://%domain_idn%$1 permanent;
    }
    include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
}

File fusionauth.stpl:

Code: Select all

server {
    listen      %ip%:%web_ssl_port%;
    server_name %domain_idn% %alias_idn%;
    
    ssl         on;
    ssl_certificate      %ssl_pem%;
    ssl_certificate_key  %ssl_key%;

    location / {
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header Host $http_host;
	proxy_set_header X-Forwarded-Port "443";
	proxy_set_header X-Forwarded-Proto "https";

    	proxy_pass  http://localhost:9011;
        proxy_redirect http:// https://;
    }

    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
}

[jackdanielux]

Hey,

I seem to be doing the same thing, but unable to understand, if I create template will other settings managed by nginx get disrupted?

[gregorio]

Mmmmm, I don't think so, the values of the nginx main conf remains.

[jackdanielux]

I seem to have a problem configuring SSL on an app on a subdomain, only that I don't know how to fix them:
- I have a web app running on http://mysub.domain.com:9000
- This url is the admin dashboard of the app
- This app shoots email with public facing URLs like http://mysub.domain.com:9000/xxx/xxx/xxx (which lead to an action within my app)
- The mysub.domain.com is SSL enabled and loads with SSL but the moment the port (9000) is added it returns error page and I have to access it via http
- The problem : 1 - port is visible to public and 2 - the URL shows insecure
- The solution required : 1 - port to be removed without the action of the URL to be impacted and the same URL needs to be served on SSL

Any help is appreciated.