Problem with accesing OpenHAB2 site from outside without myopenhab.org (nginx + reverse proxy with redirection)

openhab2
nginx
reverse_proxy
Tags: #<Tag:0x00007f51e0d02dc8> #<Tag:0x00007f51e0d02b70> #<Tag:0x00007f51e0d02738>

(Marek) #1

Hello all,

I have a problem with configuring openHAB2 to work form outside my home network without myopenhab .org.
To do that, becouse my ISP provider uses double NAT and i have no access to external IP i have bought portmap .io OpenVPN service with port forwarding.

So, my network on Khadas VIM2 board looks like:
Home network at eth0: 192.168.10.252/20
OpenVPN connection at tun0: 10.20.0.20/30
And of course lo interface…

at portmap .io I have forwarded port 80 through http protocol to mysubdomain.portmap.host (virtual host like redirection - i think)

OpenVPN connection is working. When I install nginx, default nginx page was displayed from outside.
I have made new server configuration for nginx with looks like:

server {
    listen                          80;
    server_name                     mysubdomain.portmap.host;

    location / {
    }

    location /oh2/ {
        proxy_pass                              http://localhost:8080/;
        proxy_redirect                          http://$host/ /oh2/;
        proxy_set_header Host                   $http_host;
        proxy_set_header X-Real-IP              $remote_addr;
        proxy_set_header X-Forwarded-For        $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto      $scheme;
        satisfy                                 any;
        allow                                   192.168.0.0/20;
        allow                                   127.0.0.1;
        deny                                    all;
        auth_basic                              "Username and Password Required";
        auth_basic_user_file                    /etc/nginx/.htpasswd;
    }
}

I don’t want to use root directory becouse I want to host some more services through nginx.
I know it is a very insecure configuration. I made it more secure later if it will work.

For now I have a problem with nginx.
When I open openHAB2 site from Khadas (127.0.0.1) and also form my local network directly 192.168.10.252:8080 or through nginx 192.168.10.252/oh2/ ewerything works perfectly.
When I try to open openHAB2 from outside when i type mysubdomain.portmap.host/oh2/ nginx redirects it to 10.20.0.21/oh2/ and of course it cannot be reached because address is not an external one.

When I have changed
proxy_redirect http://$host/ /oh2/;
to
proxy_redirect http://$host/ http://mysubdomain.portmap.host/oh2/;

I can connect form outside, site is password protected as configured, but also form local adresses I am redirected to external adress. And I am still not satisfied with these.

How can I do these to redirect 192.168.x.x adresses to /oh2/ and 10.x.x.x to “mysubdomain.portmap.host/oh2/”.

Second thing with I have problem is openHAB2 mobile app.
Local connection to 192.168.10.252:8080 works perfectly.
Local connection to 192.168.10.252/oh2/ can’t connect (of course i have placed login and password also)
Remote connection to mysubdomain.portmap.host/oh2/ can’t connect (of course i have placed login and password also)

Can anybody can help me out?

btw. sorry for my english :slight_smile: