Hi to everyone,
been struggling on this lately and even if I have been reading a lot on forums, blogs I still can't figure it out and maybe I should have asked straight in the beginning at the source.
A bit of bckground to start :
- Currently building up a POC with Vmware Horizon Workspace and as per the install notes, in order to make it accessible from outside of your network you have to use a loabbalancer - reverse proxy such as F5 or Nginx.
http://pubs.vmware.com/horizon-workspace-10/index.jsp?topic=%2Fcom.vmware.hs-install.doc_10%2FGUID-959E0EFF-AF1F-4479-A19C-98BAF813E73C.html
- I have installed Nginx on a minimal CentOS VM and trying to reroute the incoming https traffic to the backends which only accept https but so far no luck. Just came up with this config that I haven t tested yet and itis time to go and get some rest so if anyone would be so kind to correct, modify or simply tell me what I am doing wrong it would be really appreciated.
- Last but not least, I assume that the virtual machine running Nginx needs two nic. One in DMZ and one on the internal network right ? Or just one nic in DMZ with rules in the firewall to allow https traffic would be enough ?
nginx.conf:
user www-data;
worker_processes 1;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
# multi_accept on;
}
upstream webserver {
server 10.10.10.55:443;
server 10.10.10.56:443;
}
server {
listen 443;
ssl on;
ssl_certificate /etc/ssl/mysite_company_com.pem;
ssl_certificate_key /etc/mysite_company_com.key;
server_name www.mysite.company.com;
location / {
# needed for HTTPS
#proxy_set_header X_FORWARDED_PROTO https;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect false;
proxy_max_temp_file_size 0;
proxy_pass https://webserver;
} #end location
} #end server
Cheers
Eelm
been struggling on this lately and even if I have been reading a lot on forums, blogs I still can't figure it out and maybe I should have asked straight in the beginning at the source.
A bit of bckground to start :
- Currently building up a POC with Vmware Horizon Workspace and as per the install notes, in order to make it accessible from outside of your network you have to use a loabbalancer - reverse proxy such as F5 or Nginx.
http://pubs.vmware.com/horizon-workspace-10/index.jsp?topic=%2Fcom.vmware.hs-install.doc_10%2FGUID-959E0EFF-AF1F-4479-A19C-98BAF813E73C.html
- I have installed Nginx on a minimal CentOS VM and trying to reroute the incoming https traffic to the backends which only accept https but so far no luck. Just came up with this config that I haven t tested yet and itis time to go and get some rest so if anyone would be so kind to correct, modify or simply tell me what I am doing wrong it would be really appreciated.
- Last but not least, I assume that the virtual machine running Nginx needs two nic. One in DMZ and one on the internal network right ? Or just one nic in DMZ with rules in the firewall to allow https traffic would be enough ?
nginx.conf:
user www-data;
worker_processes 1;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
# multi_accept on;
}
upstream webserver {
server 10.10.10.55:443;
server 10.10.10.56:443;
}
server {
listen 443;
ssl on;
ssl_certificate /etc/ssl/mysite_company_com.pem;
ssl_certificate_key /etc/mysite_company_com.key;
server_name www.mysite.company.com;
location / {
# needed for HTTPS
#proxy_set_header X_FORWARDED_PROTO https;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect false;
proxy_max_temp_file_size 0;
proxy_pass https://webserver;
} #end location
} #end server
Cheers
Eelm