Running cockpit behind nginx reverse proxy with nginx ssl and cockpit non ssl

Domain for web access to cockpit : cockpit.mylab.local

cockpit server ip : 192.168.1.61
nginx server ip   : 192.168.1.65
Linux distro using is Centos 7.6

Login to cockpit server

Create a file
[root@repo ~]# vim /etc/cockpit/cockpit.conf
content will be like

[WebService]
Origins = https://cockpit.mylab.local wss://cockpit.mylab.local
ProtocolHeader = X-Forwarded-Proto
AllowUnencrypted = true

save and restart cockpit

# systemctl restart cockpit

now  login to your nginx webserver and install nginx

# yum install nginx -y

create a new file vim /etc/nginx/conf.d/cockpit.conf

paste content as bellow

server {
    listen         80;
    listen         443 ssl http2;
    server_name    cockpit.mylab.local;
    ssl_certificate /etc/ssl/certs/cockpit-selfsigned.crt;
    ssl_certificate_key  /etc/ssl/private/cockpit-selfsigned.key;

    location / {
        proxy_pass http://192.168.1.61:9090;
        proxy_set_header Host $host;
        proxy_http_version 1.1;
        proxy_buffering off;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        gzip off;
        }
}

save file check syntax error
# nginx -t

restart service
# systemctl restart nginx

Note i am using own certificate and key here with ngixn which is internally signed. It is recommended to use a valid certificate with letsencrypt.

Comments

Popular posts from this blog

How to create bulk user from csv in openldap server

setting up openshift alert manager mail alerting based on critical and warning