extern/zrok
1
1
Fork 0
mirror of https://github.com/openziti/zrok.git synced 2025-01-09 15:38:21 +01:00
Code Issues Packages Projects Releases Wiki Activity
739ce9992b
zrok/assets/js/48230885.23704b76.js

1 line
8.0 KiB
JavaScript
Raw Normal View History

deploy: 67b8dcb41c9aee7bfddc3c99f54676308b327fdc
2024-04-30 22:58:09 +02:00
"use strict";(self.webpackChunkwebsite=self.webpackChunkwebsite||[]).push([[9828],{7569:(e,n,r)=>{r.r(n),r.d(n,{assets:()=>a,contentTitle:()=>s,default:()=>h,frontMatter:()=>i,metadata:()=>l,toc:()=>c});var t=r(5893),o=r(1151);const i={sidebar_position:50,sidebar_label:"NGINX TLS"},s="NGINX Reverse Proxy for zrok",l={id:"guides/self-hosting/nginx_tls_guide",title:"NGINX Reverse Proxy for zrok",description:"Walkthrough Video",source:"@site/../docs/guides/self-hosting/nginx_tls_guide.md",sourceDirName:"guides/self-hosting",slug:"/guides/self-hosting/nginx_tls_guide",permalink:"/docs/guides/self-hosting/nginx_tls_guide",draft:!1,unlisted:!1,editUrl:"https://github.com/openziti/zrok/blob/main/docs/../docs/guides/self-hosting/nginx_tls_guide.md",tags:[],version:"current",sidebarPosition:50,frontMatter:{sidebar_position:50,sidebar_label:"NGINX TLS"},sidebar:"tutorialSidebar",previous:{title:"Docker",permalink:"/docs/guides/self-hosting/docker"},next:{title:"Metrics and Limits",permalink:"/docs/category/metrics-and-limits"}},a={},c=[{value:"Walkthrough Video",id:"walkthrough-video",level:2},{value:"Before You Begin",id:"before-you-begin",level:2},{value:"Choose a Reverse Proxy Address",id:"choose-a-reverse-proxy-address",level:2},{value:"Obtain a Wildcard Server Certificate",id:"obtain-a-wildcard-server-certificate",level:2},{value:"Install NGINX",id:"install-nginx",level:2},{value:"Configure NGINX",id:"configure-nginx",level:2},{value:"Restart NGINX",id:"restart-nginx",level:2},{value:"Check the Firewall",id:"check-the-firewall",level:2},{value:"Update the zrok Frontend",id:"update-the-zrok-frontend",level:2}];function d(e){const n={a:"a",blockquote:"blockquote",code:"code",h1:"h1",h2:"h2",li:"li",ol:"ol",p:"p",pre:"pre",...(0,o.a)(),...e.components};return(0,t.jsxs)(t.Fragment,{children:[(0,t.jsx)(n.h1,{id:"nginx-reverse-proxy-for-zrok",children:"NGINX Reverse Proxy for zrok"}),"\n",(0,t.jsx)(n.h2,{id:"walkthrough-video",children:"Walkthrough Video"}),"\n",(0,t.jsx)("iframe",{width:"100%",height:"315",src:"https://www.youtube.com/embed/870A5dke_u4?start=1080",title:"YouTube video player",frameborder:"0",allow:"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share",allowfullscreen:!0}),"\n",(0,t.jsx)(n.h2,{id:"before-you-begin",children:"Before You Begin"}),"\n",(0,t.jsxs)(n.p,{children:["I'll assume you have a running zrok controller and frontend and wish to front both with NGINX providing server TLS. Go back to ",(0,t.jsx)(n.a,{href:"/docs/guides/self-hosting/linux",children:"Self-Hosting Guide"})," if you still need to spin those up."]}),"\n",(0,t.jsx)(n.h2,{id:"choose-a-reverse-proxy-address",children:"Choose a Reverse Proxy Address"}),"\n",(0,t.jsxs)(n.p,{children:["I'll use ",(0,t.jsx)(n.code,{children:"https://api.zrok.quigley.com:443"})," in this example, and assume you already set up wildcard DNS like ",(0,t.jsx)(n.code,{children:"*.zrok.quigley.com"}),". This lets us elect ",(0,t.jsx)(n.code,{children:"api.zrok.quigley.com"})," as the controller DNS name, and forward any other incoming requests to the zrok public frontend."]}),"\n",(0,t.jsx)(n.h2,{id:"obtain-a-wildcard-server-certificate",children:"Obtain a Wildcard Server Certificate"}),"\n",(0,t.jsx)(n.p,{children:"You must complete a DNS challenge to obtain a wildcard certificate from Let's Encrypt. I'll assume you know how to create the necessary TXT record in the DNS zone you're using with zrok."}),"\n",(0,t.jsxs)(n.ol,{children:["\n",(0,t.jsxs)(n.li,{children:["\n",(0,t.jsxs)(n.p,{children:["Install certbot: ",(0,t.jsx)(n.a,{href:"https://eff-certbot.readthedocs.io/en/stable/install.html",children:"https://eff-certbot.readthedocs.io/en/stable/install.html"})]}),"\n"]}),"\n",(0,t.jsxs)(n.li,{children:["\n",(0,t.jsxs)(n.p,{children:["Run certbot with the manual plugin: ",(0,t.jsx)(n.a,{href:"https://certbot.eff.org/docs/using.html#manual",children:"https://certbot.eff.org/docs/using.html#manual"})]}),"\n",(0,t.jsx)(n.pre,{children:(0,t.jsx)(n.code,{className:"language-bash",children:"# install cert for *.zrok.quigley
Reference in New Issue Copy Permalink