Proxmox: Настраиваем Nginx в роли Reverse Proxy
Настройка Nginx в роли Reverse Proxy не сложна, но если не знать некоторых особенностей то не будут работать консоль и загрузка iso-файлов. Ниже пример готового конфига.
server { listen 80; server_name pve.you-domain.com; return 301 https://$host$request_uri; } server { listen 443 ssl http2; server_name pve.you-domain.com; ssl on; ssl_certificate /etc/nginx/certs/*.you-domain.com/fullchain; ssl_certificate_key /etc/nginx/certs/*.you-domain.com/key; add_header Allow "GET, POST, HEAD, PUT, DELETE" always; if ($request_method !~ ^(GET|POST|HEAD|PUT|DELETE)$) { return 405; } location / { proxy_pass https://10.10.10.5:8006; # Disable buffering to serve data immediately to clients. # Increase timeouts from default 60 seconds to 5 minutes for the console not to close when no data is transferred. # Additionally the max_body_size was increased to 5 GB to allow uploads of huge ISOs via the Web UI. proxy_buffering off; proxy_buffer_size 4k; client_max_body_size 5g; proxy_connect_timeout 300s; proxy_read_timeout 300s; proxy_send_timeout 300s; send_timeout 300s; # Enable proxy websockets for the noVNC console to work proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; # Standard proxying headers proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-Host $server_name; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # SSL proxying headers proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Ssl on; } }