Skip to content

Instantly share code, notes, and snippets.

@albertcard

albertcard/Nginx Reverse Proxy from WAN>LAN Wireguard Site2Site.md

Last active May 20, 2024 16:18
Show Gist options
  • Save albertcard/77c1794dcf074e54ef6b545e9f4937ce to your computer and use it in GitHub Desktop.
Save albertcard/77c1794dcf074e54ef6b545e9f4937ce to your computer and use it in GitHub Desktop.
Download ZIP
Raw
Nginx Reverse Proxy from WAN>LAN Wireguard Site2Site.md

Create NGINX Reverse Proxy from WAN>LAN over Wireguard Site2Site

  1. Install NGINX and enable
root@wan:~# apt install nginx nginx-common nginx-core
root@wan:~# systemctl start nginx
root@wan:~# systemctl enable nginx
  1. Create config with reverse proxy to LAN-hosted-website
root@wan:~# vi /etc/nginx/sites-enabled/mywebsite
map $http_upgrade $connection_upgrade {
    default upgrade;
    ''      close;
}

server {
    server_name <publicdomain.example.com>;
    access_log /var/log/nginx/$host;

    location / {
	    proxy_pass http://<LAN-hosted-website>:<port>;
	    proxy_set_header X-Real-IP $remote_addr;
	    proxy_set_header Host $host;
	    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto https;
	    #proxy_redirect off;
            proxy_redirect http:// https://;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection $connection_upgrade;
    }

    error_page 502 /50x.html;
    location = /50x.html {
	    root /usr/share/nginx/html;
    }
}
  1. Restart nginx
root@wan:~# systemctl restart nginx
  1. As long as you've configured the A Record for '<publicdomain.example.com>', wherever your Domain Registrar/Nameserver is, you should be able to open your browser to https://<publicdomain.example.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment