So, finally can give feedback. Stream works very well for the OpenVPN (using TCP).
Only thing I had to change was
proxy_conenct_timeout
proxy_timeout
Set both values to 300s, otherwise the OpenVPN client keeps disconnecting.
So the config looks as follows now:
stream{
upstream backend {
hash $remote_addr consistent;
server 10.50.40.1:8443;
}
server {
listen 10.50.39.123:443 so_keealive=on;
proxy_connect_timeout 300s;
proxy_timeout 300s;
proxy_pass backend;
}
}
Only thing I wonder now:
Can I still use the same instance of NGINX to also handle HTTPS requests on 443 (apart from the stream module handling stream)? I have no clue how NGINX would be able to tell them apart, but,...maybe that works. Would save me another proxy cluster :-)
Only thing I had to change was
proxy_conenct_timeout
proxy_timeout
Set both values to 300s, otherwise the OpenVPN client keeps disconnecting.
So the config looks as follows now:
stream{
upstream backend {
hash $remote_addr consistent;
server 10.50.40.1:8443;
}
server {
listen 10.50.39.123:443 so_keealive=on;
proxy_connect_timeout 300s;
proxy_timeout 300s;
proxy_pass backend;
}
}
Only thing I wonder now:
Can I still use the same instance of NGINX to also handle HTTPS requests on 443 (apart from the stream module handling stream)? I have no clue how NGINX would be able to tell them apart, but,...maybe that works. Would save me another proxy cluster :-)