I have recently got back to a reverse proxy and SSL solution form my openHAB installations. For openHAB alone this works quite well, but I would like to have access to all services running around openHAB on a particular server. Mainly this should be:
- openHAB GUI on port 8081 (changed form 8080)
- Log Viewer on port 9001
- Grafana on port 3000
- another service running on port 2121
The access to this services should be done by URL - for example
https://mydomain.org/ui/ should open openHAB
https://mydomain.org/grafana/ opens grafana server
and so one…
My actual config file looks like this:
#################################
# openHABian NGINX Confiuration #
#################################
## Redirection
server {
listen 80;
server_name mydomain.org;
return 301 https://$server_name$request_uri;
}
## Reverse Proxy to openHAB
server {
# listen 80;
listen 443 ssl;
server_name mydomain.org;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
## Secure Certificate Locations
ssl_certificate /etc/letsencrypt/live/mydomain.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mydomain.org/privkey.pem;
location /start/ {
return 301 https://mydomain.org/basicui/app;
}
location /tail/ {
proxy_pass http://localhost:9001;
}
location / {
proxy_pass http://localhost:8081;
# proxy_buffering off; # openHAB supports non-buffering specifically for SSEs now
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
## Password Protection
auth_basic "Username and Password Required";
auth_basic_user_file /etc/nginx/.htpasswd;
}
## Let's Encrypt webroot location
location /.well-known/acme-challenge/ {
root /var/www/mydomain.org;
}
}
I would like nginx to proxy all the services according on the ULR, also with authentication and SSL. Can you help me out on a proper configuration for this?