For example we want to termninate https connections for nextcloud running on TrueNAS on the PiKVM.
See the PiKVM docs:
kvmd-certbot certonly_webroot --agree-tos -n --email simar@gmx.net -d pikvm.machine-deck.jeffries-tube.at,opensky.machine-deck.jeffries-tube.at # or kvmd-certbot certonly_webroot --agree-tos -n --email simar@gmx.net --expand -d pikvm.machine-deck.jeffries-tube.at,opensky.machine-deck.jeffries-tube.at
For example for opensky, create a directory /usr/share/kvmd/extras/opensky and then create with nano: nano /usr/share/kvmd/extras/opensky/nginx.ctx-http.conf:
server {
server_name opensky.machine-deck.jeffries-tube.at;
listen [::1]:443 ssl proxy_protocol;
http2 on;
include /etc/kvmd/nginx/ssl.conf;
location / {
proxy_redirect off;
proxy_set_header host opensky.machine-deck.jeffries-tube.at;
proxy_set_header x-real-ip $remote_addr;
proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for;
proxy_set_header x-forwarded-proto https;
proxy_set_header front-end-https on;
client_max_body_size 20m;
proxy_pass http://192.168.1.150:30027;
}
location /.well-known/carddav {
return 301 $scheme://$host/remote.php/dav;
}
location /.well-known/caldav {
return 301 $scheme://$host/remote.php/dav;
}
location ^~ /.well-known {
return 301 $scheme://$host/index.php$uri;
}
}
Edit the config.php for example in the container nextcloud is running in:
[...], 'trusted_domains' => array ( 0 => '127.0.0.1', 1 => 'localhost', 2 => 'nextcloud', 3 => 'opensky.machine-deck.jeffries-tube.at', ), 'overwriteprotocol' => 'https', 'trusted_proxies' => ['192.168.1.235'], 'forwarded_for_headers' => ['HTTP_X_FORWARDED', 'X_REAL_IP', 'FRONT_END_HTTPS', 'X_FORWARDED_PROTO'],