search

nwtgck / piping-server

Infinitely transfer between every device over pure HTTP with pipes or browsers
MIT License
3k stars 155 forks source link

Need full nginx or caddy reverse proxy example conf with ssl termination for piping-server #696

Closed m2acgi closed 2 years ago

m2acgi commented 2 years ago

Need full nginx or caddy reverse proxy example conf with ssl termination for piping-server.

I can't find any official documentation for this. Please help. Thanks.

nwtgck commented 2 years ago

I list up the reverse proxy examples here.

Note that the repositories have high reproducibility but are not up to date. I should update them and list up wiki or something you can easily to find.

Nginx

https://github.com/nwtgck/piping-server-nginx-docker-compose

However, as you know, nginx has the streaming problem: https://github.com/nwtgck/piping-server/issues/617.

Caddy

https://github.com/nwtgck/piping-server-basic-auth-docker-compose (main purpose was for supporting basic auth)

nghttp2

https://github.com/nwtgck/piping-server-http2-docker-compose (main purpose was for supporting HTTP/2)

HAProxy

https://github.com/nwtgck/piping-server-haproxy-docker-compose

HAProxy (load balancing)

https://github.com/nwtgck/piping-server-load-balancer-docker-compose (main purpose was for supporting path-based load balancing)

I use some reverse proxy applications with Piping Server. My best reverse proxy is nghttpx. It seems to be very pure and not modify requests and responses like caching as much as possible by default and respect HTTP streams.

m2acgi commented 2 years ago

Thanks you for your reply! These examples is too complex or useless for my scenes for me. I've test caddy 2 with piping-server, this conf works well:

https://piping.example.com {
        # http basic auth
    basicauth * {
                Bob JDJhJDEwJEVCNmdaNEg2Ti5iejRMYkF3MFZhZ3VtV3E1SzBWZEZ5Q3VWc0tzOEJwZE9TaFlZdEVkZDhX
    }

    reverse_proxy 127.0.0.1:8080
}
nwtgck commented 2 years ago

Good!

m2acgi commented 2 years ago

😄

ParkerOu commented 1 year ago

I am using nginx as a reverse proxy. I could not use piping-ssh-web and self-hosted piping-server to ssh server. Could you help me adjust my nginx config? @nwtgck Thanks a lot!

piping-server: piping-server piping-ssh-web: ERR_H2_OR_QUIC_REQUIRED piping-ssh-web ssh-server: ssh-server

nginx config:

server {
  server_name my-domain-name; # managed by Certbot

  real_ip_header X-Forwarded-For;
  proxy_set_header X-Real-IP $remote_addr;
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;

  // skip some reverse proxy rules...

  location /piping-server {
                proxy_read_timeout 120s;
                client_max_body_size 0;
                proxy_http_version 1.1;
                proxy_buffering off;
                proxy_request_buffering off;
                rewrite /piping-server/(.*) /$1 break;
                proxy_set_header X-Request-Start $msec;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection $http_connection;
                proxy_pass http://localhost:8324;
  }

  // skip ssl settings...
}
// skip Certbot generated rules

viedo: https://youtu.be/SIx1gHdxG8g

m2acgi commented 1 year ago

@ParkerOu nginx not work with piping-server, you can try Caddy2.

ParkerOu commented 1 year ago

@m2acgi Thanks! I would try using piping-server options with: --enable-https, --https-port, --key-path, --crt-path

nwtgck commented 1 year ago

@m2acgi Thanks!

@ParkerOu You may not need to use --enable-https, --https-port, --key-path, --crt-path options with Caddy because Caddy terminates TLS.

ParkerOu commented 1 year ago

You may not need to use --enable-https, --https-port, --key-path, --crt-path options with Caddy because Caddy terminates TLS.

I meant not use web server like Caddy or nginx to achieve https, just using piping-server only with its options. It works perfectly.