ric/uptime-kuma
1
0
Fork 0
mirror of https://github.com/louislam/uptime-kuma.git synced 2024-12-18 02:47:24 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Update Reverse-Proxy.md (#91)

Frank Elsinga 2024-10-09 08:04:36 +02:00 committed by GitHub
parent 354573c0d5
commit 0fd4cf0550
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 287 additions and 286 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

71
Reverse-Proxy.md

@ -4,23 +4,13 @@ Unlike other web apps, Uptime Kuma is based on WebSocket. You need two more head
Uptime Kuma **does not support a subdirectory** such as `http://example.com/uptimekuma`. Please prepare a domain or sub-domain to do that. Uptime Kuma **does not support a subdirectory** such as `http://example.com/uptimekuma`. Please prepare a domain or sub-domain to do that.
- [Nginx](#nginx) > [!TIP]
- [Apache](#apache) > It is recommended to use SSL (HTTPS) with your web-server to avoid MiTM attacks when on a public network. If using caddy these certificates will be auto-generated and updated.
- [Caddy](#caddy) >
- [Caddy with Docker-Compose](#caddy-with-docker-compose) > If using Apache or NGINX, it is recommended to use CertBot to manage SSL for free, it uses Lets Encrypt to get its certificates and keeps them renewed. You can also use your own certificates and place them as shown above. If using CertBot use the "Without SSL" settings and then run certbot on it and it will automatically configure auto-HTTPS redirection.
- [Https-Portal](#https-portal)
- [Nginx Proxy Manager](#nginx-proxy-manager)
- [Synology Builtin Reverse Proxy](#synology-builtin-reverse-proxy)
- [Traefik](#Traefik)
- [Cloudflare](#cloudflare)
- [Cloudflare Tunnels](#cloudflare-tunnels)
- [OpenLiteSpeed](#openlitespeed)
- [HAProxy](#haproxy)
- Others
- [SSL/HTTPS](#sslhttps)
# Nginx - <details><summary>Nginx</summary>
With SSL: With SSL:
```nginx ```nginx
@ -87,7 +77,16 @@ server {
# And Certbot will auto-populate this nginx .conf file for you, while also renewing your certificates automatically in the future. # And Certbot will auto-populate this nginx .conf file for you, while also renewing your certificates automatically in the future.
``` ```
# Apache
</details>
- <details><summary>Nginx Proxy Manager</summary>
Please enable "WebSockets Supports"
</details>
- <details><summary>Apache</summary>
With SSL: With SSL:
```apache ```apache
<VirtualHost *:443> <VirtualHost *:443>
@ -120,7 +119,11 @@ Without SSL:
</VirtualHost> </VirtualHost>
``` ```
# Caddy
</details>
- <details><summary>Caddy</summary>
without docker
```nginx ```nginx
subdomain.domain.com { subdomain.domain.com {
@ -128,7 +131,7 @@ subdomain.domain.com {
} }
``` ```
# Caddy with Docker-compose **with Docker-compose
If you run Uptime Kuma using Docker-Compose and don't already have a reverse proxy, this is a simple way to configure Caddy. You only need to replace 'status.example.org' with your domain. If you run Uptime Kuma using Docker-Compose and don't already have a reverse proxy, this is a simple way to configure Caddy. You only need to replace 'status.example.org' with your domain.
@ -159,9 +162,10 @@ services:
- CADDY_INGRESS_NETWORKS=proxy_network - CADDY_INGRESS_NETWORKS=proxy_network
``` ```
# Https-Portal </details>
- <details><summary>Https-Portal</summary>
Enabling "WEBSOCKET=true", or the equivalent in your docker environment variables will do the trick. Enabling `WEBSOCKET=true`, or the equivalent in your docker environment variables will do the trick.
Link to https-portal Websocket under [Advanced Usage](https://github.com/SteveLTN/https-portal#configure-nginx-through-environment-variables). Link to https-portal Websocket under [Advanced Usage](https://github.com/SteveLTN/https-portal#configure-nginx-through-environment-variables).
Example docker-compose.yml file using Https-Portal: Example docker-compose.yml file using Https-Portal:
@ -199,12 +203,9 @@ volumes:
``` ```
Only change "status.domain.com" to your domain Only change "status.domain.com" to your domain
# Nginx Proxy Manager
Please enable "WebSockets Supports" </details>
- <details><summary>Synology Builtin Reverse Proxy</summary>
# Synology Builtin Reverse Proxy
1. Bind IP to localhost when starting Kuma 1. Bind IP to localhost when starting Kuma
@ -235,7 +236,9 @@ labels:
``` ```
Add the above to your `docker-compose.yml` file and replace "YourOwnHostname" with the hostname you want to use. When setup correctly, Traefik can automatically get a Lets Encrypt certificate for your service. Add the above to your `docker-compose.yml` file and replace "YourOwnHostname" with the hostname you want to use. When setup correctly, Traefik can automatically get a Lets Encrypt certificate for your service.
# Cloudflare
</details>
- <details><summary>Cloudflare</summary>
You must enable "WebSockets" in Cloudflare Dashboard: You must enable "WebSockets" in Cloudflare Dashboard:
@ -244,13 +247,15 @@ Cloudflare Dashboard -> Network -> Enable WebSockets
Read more: Read more:
https://github.com/louislam/uptime-kuma/issues/138#issuecomment-890485229 https://github.com/louislam/uptime-kuma/issues/138#issuecomment-890485229
# Cloudflare Tunnels </details>
- <details><summary>Cloudflare Tunnels</summary>
It is the easiest way in my opinion. It is the easiest way in my opinion.
Read more: https://github.com/louislam/uptime-kuma/wiki/Reverse-Proxy-with-Cloudflare-Tunnel Read more: https://github.com/louislam/uptime-kuma/wiki/Reverse-Proxy-with-Cloudflare-Tunnel
# OpenLiteSpeed </details>
- <details><summary>OpenLiteSpeed</summary>
Create a new virtual host through the graphical admin like you normally would. Create a new virtual host through the graphical admin like you normally would.
@ -290,7 +295,8 @@ Create a new virtual host through the graphical admin like you normally would.
Perform a graceful restart and launch uptime-kuma. Perform a graceful restart and launch uptime-kuma.
# HAProxy </details>
- <details><summary>HAProxy</summary>
No special configuration is required when using HAProxy as a reverse No special configuration is required when using HAProxy as a reverse
proxy although you may wish to add the `timeout tunnel` option to either proxy although you may wish to add the `timeout tunnel` option to either
@ -301,10 +307,5 @@ handle instances where the client stops responding.
Read more: Read more:
http://cbonte.github.io/haproxy-dconv/2.4/configuration.html#4.2-timeout%20tunnel http://cbonte.github.io/haproxy-dconv/2.4/configuration.html#4.2-timeout%20tunnel
# Others
## SSL/HTTPS </details>
It is recommended to use SSL (HTTPS) with your web-server to avoid MiTM attacks when on a public network. If using caddy these certificates will be auto-generated and updated.
If using Apache or NGINX, it is recommended to use CertBot to manage SSL for free, it uses Lets Encrypt to get its certificates and keeps them renewed. You can also use your own certificates and place them as shown above. If using CertBot use the "Without SSL" settings and then run certbot on it and it will automatically configure auto-HTTPS redirection.