dataset/seed/nginx-reverse-proxy/README.md

---
gitea: none
include_toc: true
---


[Return to the list of application services.](../README.md)
# nginx-reverse-proxy

## Synopsis


[Nginx as reverse proxy.](https://nginx.org/)

The reverse proxy provides access to internal services.
These internal services are integrated automatically.

## Basic variables

### General

#### NGINX

| Parameter                                                                                                                                                                                                                       | Comments                                                                                                                                                                                                                                                                                        |
|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| **[general.nginx.nginx_default](dictionaries/25_nginx.xml)**<br/>mandatory<br/>**Type:** [`domainname`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable)           | Default reverse proxy domaine name.<br/>If a client access to reverse proxy with an unknown domain name, the connexion is redirect to this domain name. By default this variable is the first associated service to this reverse proxy.<br/>**Default:** *calculated*                           |
| **[general.nginx.nginx_certificates_provider](dictionaries/25_nginx.xml)**<br/>mandatory<br/>**Type:** [`choice`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Type of certificate autority signing external certificates.<br/>The certificate can be self-signed (therefore invalid by default for the client) or obtained via the Let's Encrypt service (generally valid for the client).<br/>**Choices:**<br/>- `self-signed` ← default<br/>- `letsencrypt` |


## Variables for expert

### General

#### NGINX

| Parameter                                                                                                                                                                                                                  | Comments                                                                                                       |
|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------|
| **[general.nginx.nginx_hash_bucket_size](dictionaries/21_nginx.xml)**<br/>mandatory<br/>**Type:** [`choice`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | The bucket size for the server names hash tables.<br/>**Choices:**<br/>- `128` ← default<br/>- `64`<br/>- `32` |
| **[general.nginx.nginx_post_max_size](dictionaries/21_nginx.xml)**<br/>mandatory<br/>**Type:** [`number`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable)    | The maximum allowed size of the client request body.<br/>This value is in Mb.<br/>**Default:** 32              |

## Requirements services

### Mandatories

- [LocalDNS](../README.LocalDNS.md): DNS forwarder for local domain name.

### Optionals

- [Journald](../README.Journald.md): Remote journald.

## Example

Zone names are provided as examples. Think about adapting with the value of provider_zone in configuration file.

```
nginx-reverse-proxy:
  applicationservice: nginx-reverse-proxy
  provider_zone: reverseproxy
  zones_name:
    - localdns
```

## Dependances

- [nginx-common](../nginx-common/README.md)
- [base-fedora-37](../base-fedora-37/README.md)
  - [base-fedora](../base-fedora/README.md)
    - [systemd](../systemd/README.md)
      - [base-machine](../base-machine/README.md)
        - [base](../base/README.md)
        - [dns-local](../dns-local/README.md)
        - [pki-tls](../pki-tls/README.md)
      - [journald](../journald/README.md)
      - [resolved](../resolved/README.md)

## Useful for services

- [dovecot](../dovecot/README.md): Postfix and Dovecot as mail servers (IMAP and submission).
- [forgejo](../forgejo/README.md): Forgejo, a community managed lightweight code hosting solution.
- [gitea](../gitea/README.md): Transitional package for Gitea to Forgejo.
- [grafana](../grafana/README.md): Grafana is an analytics and interactive visualization web application.
- [lemonldap](../lemonldap/README.md): LemonLDAP, a Web Single Sign On and Access Management.
- [mailman](../mailman/README.md): GNU Mailman, managing electronic mail discussion and e-newsletter lists.
- [nextcloud](../nextcloud/README.md): Nextcloud, Online collaboration platform.
- [nginx-static](../nginx-static/README.md): Nginx as static web site.
- [odoo](../odoo/README.md): Odoo, an ERP and CRM.
- [peertube](../peertube/README.md): Peertube, a federated (ActivityPub) video streaming platform.
- [piwigo](../piwigo/README.md): Piwigo, a photo management software.
- [roundcube](../roundcube/README.md): Roundcube, a webmail.
- [speedtest-rs](../speedtest-rs/README.md): Speedtest-rs, a very lightweight Speedtest.
- [vaultwarden](../vaultwarden/README.md): Vaultwarden, a password manager.
docs for application services 2022-12-24 13:01:51 +01:00			`---`
			`gitea: none`
			`include_toc: true`
			`---`

update doc 2023-08-11 09:38:05 +02:00
			`[Return to the list of application services.](../README.md)`
docs for application services 2022-12-24 13:01:51 +01:00			`# nginx-reverse-proxy`

update doc 2023-08-02 09:26:54 +02:00			`## Synopsis`
docs for application services 2022-12-24 13:01:51 +01:00

update doc 2023-08-11 09:38:05 +02:00			`[Nginx as reverse proxy.](https://nginx.org/)`
docs for application services 2022-12-24 13:01:51 +01:00
update doc 2023-08-11 09:38:05 +02:00			`The reverse proxy provides access to internal services.`
			`These internal services are integrated automatically.`
update doc 2023-08-01 15:13:17 +02:00
update doc 2023-08-11 09:38:05 +02:00			`## Basic variables`
update doc 2023-08-01 15:13:17 +02:00
update doc 2023-08-11 09:38:05 +02:00			`### General`
update doc 2023-08-01 15:13:17 +02:00
update doc 2023-08-02 09:26:54 +02:00			`#### NGINX`

update doc 2023-08-11 09:38:05 +02:00			\| Parameter \| Comments \|
			\|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------\|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------\|
			\| [general.nginx.nginx_default](dictionaries/25_nginx.xml)<br/>mandatory<br/>Type: [`domainname`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) \| Default reverse proxy domaine name.<br/>If a client access to reverse proxy with an unknown domain name, the connexion is redirect to this domain name. By default this variable is the first associated service to this reverse proxy.<br/>Default: calculated \|
			\| [general.nginx.nginx_certificates_provider](dictionaries/25_nginx.xml)<br/>mandatory<br/>Type: [`choice`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) \| Type of certificate autority signing external certificates.<br/>The certificate can be self-signed (therefore invalid by default for the client) or obtained via the Let's Encrypt service (generally valid for the client).<br/>Choices:<br/>- `self-signed` ← default<br/>- `letsencrypt` \|
update doc 2023-08-02 09:26:54 +02:00

			`## Variables for expert`

update doc 2023-08-11 09:38:05 +02:00			`### General`
update doc 2023-08-02 09:26:54 +02:00
			`#### NGINX`

update doc 2023-08-11 09:38:05 +02:00			`\| Parameter \| Comments \|`
			`\|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------\|----------------------------------------------------------------------------------------------------------------\|`
			\| [general.nginx.nginx_hash_bucket_size](dictionaries/21_nginx.xml)<br/>mandatory<br/>Type: [`choice`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) \| The bucket size for the server names hash tables.<br/>Choices:<br/>- `128` ← default<br/>- `64`<br/>- `32` \|
			\| [general.nginx.nginx_post_max_size](dictionaries/21_nginx.xml)<br/>mandatory<br/>Type: [`number`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) \| The maximum allowed size of the client request body.<br/>This value is in Mb.<br/>Default: 32 \|
update doc 2023-08-02 09:26:54 +02:00
			`## Requirements services`

update doc 2023-08-11 09:38:05 +02:00			`### Mandatories`

			`- [LocalDNS](../README.LocalDNS.md): DNS forwarder for local domain name.`
update doc 2023-08-01 15:13:17 +02:00
update doc 2023-08-11 09:38:05 +02:00			`### Optionals`

			`- [Journald](../README.Journald.md): Remote journald.`
update doc 2023-08-02 09:26:54 +02:00
			`## Example`

			`Zone names are provided as examples. Think about adapting with the value of provider_zone in configuration file.`
update doc 2023-08-01 15:13:17 +02:00
			```
			`nginx-reverse-proxy:`
			`applicationservice: nginx-reverse-proxy`
			`provider_zone: reverseproxy`
			`zones_name:`
			`- localdns`
			```

docs for application services 2022-12-24 13:01:51 +01:00			`## Dependances`

update documentations 2023-01-17 21:43:32 +01:00			`- [nginx-common](../nginx-common/README.md)`
			`- [base-fedora-37](../base-fedora-37/README.md)`
docs for application services 2022-12-24 13:01:51 +01:00			`- [base-fedora](../base-fedora/README.md)`
			`- [systemd](../systemd/README.md)`
			`- [base-machine](../base-machine/README.md)`
			`- [base](../base/README.md)`
			`- [dns-local](../dns-local/README.md)`
TLS 2023-02-14 14:24:16 +01:00			`- [pki-tls](../pki-tls/README.md)`
doc: update README files 2023-06-29 18:56:46 +02:00			`- [journald](../journald/README.md)`
update doc 2023-07-31 18:41:59 +02:00			`- [resolved](../resolved/README.md)`
docs for application services 2022-12-24 13:01:51 +01:00
update doc 2023-08-11 09:38:05 +02:00			`## Useful for services`

			`- [dovecot](../dovecot/README.md): Postfix and Dovecot as mail servers (IMAP and submission).`
			`- [forgejo](../forgejo/README.md): Forgejo, a community managed lightweight code hosting solution.`
			`- [gitea](../gitea/README.md): Transitional package for Gitea to Forgejo.`
			`- [grafana](../grafana/README.md): Grafana is an analytics and interactive visualization web application.`
			`- [lemonldap](../lemonldap/README.md): LemonLDAP, a Web Single Sign On and Access Management.`
			`- [mailman](../mailman/README.md): GNU Mailman, managing electronic mail discussion and e-newsletter lists.`
			`- [nextcloud](../nextcloud/README.md): Nextcloud, Online collaboration platform.`
			`- [nginx-static](../nginx-static/README.md): Nginx as static web site.`
			`- [odoo](../odoo/README.md): Odoo, an ERP and CRM.`
			`- [peertube](../peertube/README.md): Peertube, a federated (ActivityPub) video streaming platform.`
			`- [piwigo](../piwigo/README.md): Piwigo, a photo management software.`
			`- [roundcube](../roundcube/README.md): Roundcube, a webmail.`
			`- [speedtest-rs](../speedtest-rs/README.md): Speedtest-rs, a very lightweight Speedtest.`
			`- [vaultwarden](../vaultwarden/README.md): Vaultwarden, a password manager.`