diff --git a/Conf/Proxmox.conf b/Conf/Proxmox.conf index 6da0967..c4dedc4 100644 --- a/Conf/Proxmox.conf +++ b/Conf/Proxmox.conf @@ -2,88 +2,51 @@ server { listen 564 ssl; server_name kvm.nazuna.ovh; + # SSL configuration ssl_certificate /root/certs/pve-sto/cert.pem; ssl_certificate_key /root/certs/pve-sto/key.pem; - # Proxy configuration for Proxmox Backup Server (PBS) - location /pbs/ { - proxy_pass https://192.168.2.180:8007/; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - - proxy_ssl_verify off; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection 'upgrade'; - proxy_read_timeout 3600; - } - - # Proxy configuration for Proxmox VE (Main) + # Main Proxmox VE location (e.g., Proxmox VE 1) location /main/ { - proxy_pass https://192.168.2.178:8006/; + proxy_pass https://192.168.2.180:8006/; # Proxmox VE 1 proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; - proxy_ssl_verify off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_read_timeout 3600; } - # Proxy configuration for Proxmox Storage Node + # Proxmox Backup Server location (e.g., PBS) + location /pbs/ { + proxy_pass https://192.168.2.179:8007/; # Proxmox Backup Server + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_ssl_verify off; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + proxy_read_timeout 3600; + } + + # Proxmox VE location (e.g., Proxmox VE 2) location /sto/ { - proxy_pass https://192.168.2.179:8006/; + proxy_pass https://192.168.2.178:8006/; # Proxmox VE 2 proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; - proxy_ssl_verify off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_read_timeout 3600; } - # Proxy configuration for /pve2/ paths - location /pve2/pbs/ { - proxy_pass https://192.168.2.180:8007/; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - - proxy_ssl_verify off; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection 'upgrade'; - proxy_read_timeout 3600; - } - - location /pve2/main/ { - proxy_pass https://192.168.2.178:8006/; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - - proxy_ssl_verify off; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection 'upgrade'; - proxy_read_timeout 3600; - } - - location /pve2/sto/ { - proxy_pass https://192.168.2.179:8006/; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - - proxy_ssl_verify off; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection 'upgrade'; - proxy_read_timeout 3600; - } + # Optional: Redirect HTTP to HTTPS + error_page 497 https://$host$request_uri; } + +# Ensure HTTP is redirected to HTTPS