Last active
March 2, 2018 11:41
-
-
Save marlluslustosa/49a75633323351c3fa55b364eb567700 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
upstream tunnel { | |
server 127.0.0.1:5555; | |
} | |
upstream tunnel2 { | |
server 127.0.0.1:5557; | |
} | |
server { | |
listen 443; | |
server_name sub.domain.tk *.sub.domain.tk; | |
location / { | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header Host $http_host; | |
proxy_redirect off; | |
proxy_pass http://tunnel; | |
} | |
ssl on; | |
ssl_certificate /etc/letsencrypt/live/domain.tk/fullchain.pem; # managed by Certbot | |
ssl_certificate_key /etc/letsencrypt/live/domain.tk/privkey.pem; # managed by Certbot | |
} | |
} | |
server { | |
if ($host = domain.tk) { | |
return 301 https://$host$request_uri; | |
} # managed by Certbot | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#Included in amazon ec2 - Linux ami free | |
#Create ssh keypair amazon: | |
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html | |
$ adduser usera | |
#Enter in shell usera and 'keygen -y' in MyKeyPair.pem. Copy and paste to server. | |
#Change shell user: | |
vim /etc/passwd | |
usera:x:1009:1009::/home/usera:/bin/false | |
#Install nginx and php-fpm: | |
Configuring tunnel bypass reverse with nginx: | |
file: /etc/nginx/conf.d/default.conf | |
#Create certs ssl certs - LetsCrypt (open source) with certbot | |
https://certbot.eff.org/#pip-nginx | |
obs: remember to remove credentials from index.php when you first renew or create the certificates. | |
other solutions: websockets (wstunnel tool)! | |
#References: | |
https://blog.flowl.info/2011/ssh-tunnel-group-only-and-no-shell-please/ | |
http://adrianorosa.com/blog/nginx/configurar-nginx-https-server-com-self-signed-ssl-certificado.html | |
https://serverfault.com/questions/355271/ssh-over-https-with-proxytunnel-and-nginx |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment