pikvm:https_certificates_for_services_on_other_machines
**This is an old revision of the document!**
Table of Contents
HTTPS certificates for services on other machines
For example we want to termninate https connections for nextcloud running on TrueNAS on the PiKVM.
Create or expand the certbot setup
See the PiKVM docs:
kvmd-certbot certonly_webroot --agree-tos -n --email simar@gmx.net -d pikvm.machine-deck.jeffries-tube.at,opensky.machine-deck.jeffries-tube.at # or kvmd-certbot certonly_webroot --agree-tos -n --email simar@gmx.net --expand -d pikvm.machine-deck.jeffries-tube.at,opensky.machine-deck.jeffries-tube.at
Configure the virtual host
For example for opensky, create a directory /usr/share/kvmd/extras/opensky and then create with nano: nano /usr/share/kvmd/extras/opensky/nginx.ctx-http.conf:
server {
server_name opensky.machine-deck.jeffries-tube.at;
listen [::1]:443 ssl proxy_protocol;
http2 on;
include /etc/kvmd/nginx/ssl.conf;
location / {
proxy_redirect off;
proxy_set_header x-real-ip $remote_addr;
proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for;
proxy_set_header x-forwarded-proto https;
proxy_set_header front-end-https on;
proxy_pass http://192.168.1.150:30027;
}
location /.well-known/carddav {
return 301 $scheme://$host/remote.php/dav;
}
location /.well-known/caldav {
return 301 $scheme://$host/remote.php/dav;
}
location ^~ /.well-known {
return 301 $scheme://$host/index.php$uri;
}
}
pikvm/https_certificates_for_services_on_other_machines.1739657676.txt.gz · Last modified: by admin