Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
upstream tunnel {
server 127.0.0.1:5555;
}
upstream tunnel2 {
server 127.0.0.1:5557;
}
server {
listen 443;
server_name sub.domain.tk *.sub.domain.tk;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://tunnel;
}
ssl on;
ssl_certificate /etc/letsencrypt/live/domain.tk/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domain.tk/privkey.pem; # managed by Certbot
}
}
server {
if ($host = domain.tk) {
return 301 https://$host$request_uri;
} # managed by Certbot
}
#Included in amazon ec2 - Linux ami free
#Create ssh keypair amazon:
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html
$ adduser usera
#Enter in shell usera and 'keygen -y' in MyKeyPair.pem. Copy and paste to server.
#Change shell user:
vim /etc/passwd
usera:x:1009:1009::/home/usera:/bin/false
#Install nginx and php-fpm:
Configuring tunnel bypass reverse with nginx:
file: /etc/nginx/conf.d/default.conf
#Create certs ssl certs - LetsCrypt (open source) with certbot
https://certbot.eff.org/#pip-nginx
obs: remember to remove credentials from index.php when you first renew or create the certificates.
other solutions: websockets (wstunnel tool)!
#References:
https://blog.flowl.info/2011/ssh-tunnel-group-only-and-no-shell-please/
http://adrianorosa.com/blog/nginx/configurar-nginx-https-server-com-self-signed-ssl-certificado.html
https://serverfault.com/questions/355271/ssh-over-https-with-proxytunnel-and-nginx
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.