Reverse proxy and AiO setup #4879
-
Hi@all I have just a little problem of understanding on how to reverse proxy AiO If I understand the AiO documentation here on github correctly, you can setup NC AiO either for the use with a reverse proxy of for the use without reverse proxy. If I choose “no proxy” for some reason I cannot use a reverse proxy and if I choose “with proxy” the traffic between my proxy and the NC will be unencrypted. The docs say, if I don’t like the traffic being unencrypted I can use a separate container on the same box with e.g. apache or nginx to encrypt traffic between NC and my reverse proxy. I don’t understand why I cannot just use the full “no reverse proxy” setup that makes the NC accessible via TLS and then put my reverse proxy in front of it (e.g. in the DMZ)? Cheers |
Beta Was this translation helpful? Give feedback.
Replies: 3 comments 4 replies
-
Hi,
Correct
Because in "no reverse proxy" setup, we try to retreive the Lets encrypt certificate automatically and that obviously fails if it is actually running behind a reverse proxy. |
Beta Was this translation helpful? Give feedback.
-
Ah, I see.. Thanks for the quick response btw. Is there a way to automate it via AiO setup? Or do I have to spin up and configure a completely separate container? |
Beta Was this translation helpful? Give feedback.
-
I do have a reverse proxy but it's on a separate machine. (I got a little OPNsense box with HAProxy that fetches a LE cert) So I would need a AiO setup that exposes NC via TLS but uses a self signed cert (or maybe one that I created myself via openssl) instead of trying to get a LE cert |
Beta Was this translation helpful? Give feedback.
Hi,
Correct
B…