commit 1229bfe690bb2e85f3f7e049b69df488eed6ca85 Author: TheGuyDanish <5776313+TheGuyDanish@users.noreply.github.com> Date: Tue Jul 13 10:23:11 2021 +0100 First version with configs from #8 diff --git a/Webserver-Reverse-Proxy.md b/Webserver-Reverse-Proxy.md new file mode 100644 index 0000000..c05a1dc --- /dev/null +++ b/Webserver-Reverse-Proxy.md @@ -0,0 +1,76 @@ +In order to to expose uptime-kuma to the web securely, it is recommended to proxy it behind a traditional webserver such as nginx or Apache. Below are some example configurations that you could use. + +### Nginx + +With SSL: +```nginx +server { + listen 443 ssl http2; + server_name sub.domain.com; + ssl_certificate /path/to/ssl/cert/crt; + ssl_certificate_key /path/to/ssl/key/key; + + location / { + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://localhost:3001/; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + } +} +``` + +Without SSL: +```nginx +server { + listen 80; + server_name sub.domain.com; + location / { + proxy_pass http://localhost:3001; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header Host $host; + } +} +``` + +### Apache +Without SSL: +```apache + + ServerName sub.domain.com + SSLEngine On + SSLCertificateFile /path/to/ssl/cert/crt + SSLCertificateKeyFile /path/to/ssl/key/key + # Protocol 'h2' is only supported on Apache 2.4.17 or newer. + Protocols h2 http/1.1 + + ProxyPass / http://localhost:3001/ + RewriteEngine on + RewriteCond %{HTTP:Upgrade} websocket [NC] + RewriteCond %{HTTP:Connection} upgrade [NC] + RewriteRule ^/?(.*) "ws://localhost:3001/$1" [P,L] + +``` + +Without SSL: +```apache + + ServerName sub.domain.com + + ProxyPass / http://localhost:3001/ + RewriteEngine on + RewriteCond %{HTTP:Upgrade} websocket [NC] + RewriteCond %{HTTP:Connection} upgrade [NC] + RewriteRule ^/?(.*) "ws://localhost:3001/$1" [P,L] + +``` + +### Caddy + +```nginx +subdomain.domain.com { + reverse_proxy 127.0.0.1:3001 : +} +``` \ No newline at end of file