Page 1 of 1

Reverse proxy to another IP

Posted: Sat Jul 25, 2020 8:56 pm
by myVesta
You can install nginx template that will do reverse proxy to another IP.

Code: Select all

wget -nv -O /usr/local/vesta/data/templates/web/nginx/forward.sh http://dl.myvestacp.com/vesta/vesta-cp-nginx-tpl/fwd-http2/forward.sh
wget -nv -O /usr/local/vesta/data/templates/web/nginx/forward.tpl http://dl.myvestacp.com/vesta/vesta-cp-nginx-tpl/fwd-http2/forward.tpl
wget -nv -O /usr/local/vesta/data/templates/web/nginx/forward.stpl http://dl.myvestacp.com/vesta/vesta-cp-nginx-tpl/fwd-http2/forward.stpl
chmod a+x /usr/local/vesta/data/templates/web/nginx/forward.sh
If you want to apply it to some domain:

Code: Select all

user='your-vesta-user' # enter
domain='your-domain.com' # enter
newip='xxx.xxx.xxx.xxx' #  enter

echo "$newip" > /home/$user/conf/web/forward-$domain.txt
/usr/local/vesta/bin/v-change-web-domain-proxy-tpl "$user" "$domain" 'forward' 'txt' 'yes'
Last 'yes' is to restart nginx after each domain, so it can be 'no', and in that case restart nginx manuly.


In case you have custom enpoint port, do:

Code: Select all

user='your-vesta-user' # enter
domain='your-domain.com' # enter
newip='xxx.xxx.xxx.xxx' #  enter
port='12345' # enter

echo "$newip:$port" > /home/$user/conf/web/forward-$domain.txt
/usr/local/vesta/bin/v-change-web-domain-proxy-tpl "$user" "$domain" 'forward' 'txt' 'yes'
In this scenario, both http and https will be proxied to 12345 port (which is probably bad idea).


Therefore, in case you have different enpoint port for HTTPS traffic, then we will create one additional file where we will separately define HTTPS port:

Code: Select all

user='your-vesta-user' # enter
domain='your-domain.com' # enter
newip='xxx.xxx.xxx.xxx' #  enter
port='12345' # enter
porthttps='23456' # enter

echo "$newip:$port" > /home/$user/conf/web/forward-$domain.txt
echo "$newip:$porthttps" > /home/$user/conf/web/forward-$domain-https.txt

/usr/local/vesta/bin/v-change-web-domain-proxy-tpl "$user" "$domain" 'forward' 'txt' 'yes'
In previous example, http interface will be proxied to 12345 port, and https interface will be proxied to 23456 port.


Sometimes you have only http endpoint (NodeJS app, for example), and you want both http and https:// interface to be proxied to http:// endpoint.
In that case do:

Code: Select all

user='your-vesta-user' # enter
domain='your-domain.com' # enter
newip='xxx.xxx.xxx.xxx' #  enter
port='12345' # enter

echo "$newip:$port" > /home/$user/conf/web/forward-$domain.txt
echo "1" > /home/$user/conf/web/forward-$domain-only-http.txt
/usr/local/vesta/bin/v-change-web-domain-proxy-tpl "$user" "$domain" 'forward' 'txt' 'yes'

In case you want http visitor to redirect to https, then just copy force-https.tpl to forward.tpl:

Code: Select all

cp /usr/local/vesta/data/templates/web/nginx/force-https.tpl /usr/local/vesta/data/templates/web/nginx/forward.tpl
in that case only https interface will be proxied to "https://$newip:23456", while http interface will just redirect your visitors to https://domain address.


To apply redirection to all domains on ONE hosting account:

Code: Select all

user='your-vesta-user' # enter
newip='xxx.xxx.xxx.xxx' #  enter

echo "$newip" > /home/$user/conf/web/forward-all.txt

for domain in $(/usr/local/vesta/bin/v-list-web-domains $user plain |cut -f 1); do
    /usr/local/vesta/bin/v-change-web-domain-proxy-tpl "$user" "$domain" 'forward' 'txt' 'no'
    echo "=== Redirected: $domain"
done
service nginx reload

To apply redirection to all domains on the server:

Code: Select all

newip='xxx.xxx.xxx.xxx' #  enter

echo "$newip" > /home/forward-all.txt

for user in $(grep '@' /etc/passwd |cut -f1 -d:); do
    if [ ! -f "/usr/local/vesta/data/users/$user/user.conf" ]; then
        continue;
    fi
    for domain in $(/usr/local/vesta/bin/v-list-web-domains $user plain |cut -f 1); do
        /usr/local/vesta/bin/v-change-web-domain-proxy-tpl "$user" "$domain" 'forward' 'txt' 'no'
        echo "=== Redirected: $domain"
    done
done
service nginx reload

Re: Reverse proxy to antother IP

Posted: Fri Nov 19, 2021 12:11 pm
by Meister
Hello,

I wanted to put a small vps server as a proxy in front of the domain to relieve the main server. Unfortunately the script does not redirect to my HestiaCP set up main server.

The vps was of course running myvestacp with Debian 11.
I first tested " To apply redirection to all domains on ONE hosting account: " and I saw myvestacp home. then I tested " To apply redirection to all domains on the server: " and the server did not go online after a reboot. is the script compatible with Debian 11?

Re: Reverse proxy to antother IP

Posted: Fri Nov 19, 2021 1:23 pm
by myVesta
Meister wrote: Fri Nov 19, 2021 12:11 pm Hello,

I wanted to put a small vps server as a proxy in front of the domain to relieve the main server. Unfortunately the script does not redirect to my HestiaCP set up main server.

The vps was of course running myvestacp with Debian 11.
I first tested " To apply redirection to all domains on ONE hosting account: " and I saw myvestacp home. then I tested " To apply redirection to all domains on the server: " and the server did not go online after a reboot. is the script compatible with Debian 11?
Yes, it's compatible with Debian11.
You tested the script with myVesta?
What do you get when you type:

Code: Select all

systemctl status nginx

Re: Reverse proxy to antother IP

Posted: Fri Nov 19, 2021 1:53 pm
by Meister
everything ok, it works perfectly now. it was a problem from the hoster :D .

Re: Reverse proxy to antother IP

Posted: Thu Nov 25, 2021 5:30 pm
by Meister
Hello,

a question, is it intended that if you disable "Proxy supportNGINX" that it will still forward? Normally it should not forward then.

Re: Reverse proxy to antother IP

Posted: Sun Dec 12, 2021 1:03 pm
by myVesta
Meister wrote: Thu Nov 25, 2021 5:30 pm Hello,

a question, is it intended that if you disable "Proxy supportNGINX" that it will still forward? Normally it should not forward then.
It will not forward then.

Re: Reverse proxy to another IP

Posted: Tue Mar 21, 2023 3:18 pm
by Meister
the script seems to be broken with the latest myvestacp version :( .

/usr/local/vesta/bin/v-list-web-domains: line 17: /func/main.sh: No such file or directory
/usr/local/vesta/bin/v-list-web-domains: line 102: check_args: command not found
/usr/local/vesta/bin/v-list-web-domains: line 103: is_format_valid: command not found
/usr/local/vesta/bin/v-list-web-domains: line 104: is_object_valid: command not found
cat: /web.conf: No such file or directory
/usr/local/vesta/bin/v-list-web-domains: line 17: /func/main.sh: No such file or directory
/usr/local/vesta/bin/v-list-web-domains: line 102: check_args: command not found
/usr/local/vesta/bin/v-list-web-domains: line 103: is_format_valid: command not found
/usr/local/vesta/bin/v-list-web-domains: line 104: is_object_valid: command not found
cat: /web.conf: No such file or directory

edit: after trying several times, it now works. but why are the error messages coming?

Re: Reverse proxy to another IP

Posted: Tue Mar 21, 2023 4:32 pm
by myVesta
Meister wrote: Tue Mar 21, 2023 3:18 pm the script seems to be broken with the latest myvestacp version :( .

/usr/local/vesta/bin/v-list-web-domains: line 17: /func/main.sh: No such file or directory
/usr/local/vesta/bin/v-list-web-domains: line 102: check_args: command not found
/usr/local/vesta/bin/v-list-web-domains: line 103: is_format_valid: command not found
/usr/local/vesta/bin/v-list-web-domains: line 104: is_object_valid: command not found
cat: /web.conf: No such file or directory
/usr/local/vesta/bin/v-list-web-domains: line 17: /func/main.sh: No such file or directory
/usr/local/vesta/bin/v-list-web-domains: line 102: check_args: command not found
/usr/local/vesta/bin/v-list-web-domains: line 103: is_format_valid: command not found
/usr/local/vesta/bin/v-list-web-domains: line 104: is_object_valid: command not found
cat: /web.conf: No such file or directory

edit: after trying several times, it now works. but why are the error messages coming?
viewtopic.php?f=17&t=49

Re: Reverse proxy to another IP

Posted: Wed Mar 22, 2023 1:29 pm
by Meister
thank you, after logging in again there is no more error :) .