Remove html files

.obsidian/workspace.json

@@ -13,12 +13,12 @@
             "state": {
               "type": "markdown",
               "state": {
-                "file": "Templates/blank-template.md",
+                "file": "Public/Guides/reverse_proxy.md",
                 "mode": "preview",
                 "source": true
               },
               "icon": "lucide-file",
-              "title": "blank-template"
+              "title": "reverse_proxy"
             }
           }
         ]
@@ -191,12 +191,12 @@
       "obsidian-git:Open Git source control": false
     }
   },
-  "active": "bbdb625e70da8213",
+  "active": "c892fa5f5c3f77ba",
   "lastOpenFiles": [
+    "Public/Guides/windows_upgrade.md",
+    "Templates/blank-template.md",
     "Public",
     "Public/Guides/create-shh-keys.md",
-    "Templates/blank-template.md",
-    "Public/Guides/windows_upgrade.md",
     "Public/Guides/rdp-with-microsoft-account.md",
     "Public/Guides/reverse_proxy.md",
     "Public/Guides/generate-wireguard.md",

Public/Guides/reverse_proxy.html

@@ -1,129 +0,0 @@
-<!--
-title: Reverse Proxy using a VPS
-description: Self hosted VPS as a Reverse Proxy
-published: true
-date: 2025-02-26T21:09:00.147Z
-tags: public, networking
-editor: ckeditor
-dateCreated: 2023-10-18T18:42:56.780Z
--->
-
-<p>This is a guide to create a reverse proxy using a Virtual Private Server, or VPS so that you can access internally hosted services.&nbsp;</p>
-<h1>My Situation</h1>
-<p>I host some services from my home lab that I access remotely, such as Home Assistant.&nbsp;</p>
-<p>In my previous house, I was the account owner for the internet. I was able to get a static IP, and have the ISP open incoming ports 80 and 443 for web traffic.</p>
-<p>Now I lived in shared accommodation which has an included internet connection, in the form of an Ethernet cable coming out the wall. Everyone just uses the same LAN.<br>I do have access to the router, but to maintain an environment that I can ‘home lab freely' in, I wanted to set up my own LAN.&nbsp;</p>
-<p>I can do this while still utilising the shared connection. We have fiber and my services are not bandwidth heavy.&nbsp;</p>
-<p>I have configured a router of my own with, with all traffic sent via <a href="https://mullvad.net/en">Mullvad VPN</a>.</p>
-<p>Now I need to be able to access my internal services externally, using this same internet connection.</p>
-<h1>The Plan</h1>
-<p>There are some ways I can do this:</p>
-<ul>
-  <li>A VPN to my network, such as OpenVPN, SSL VPN, WireGuard, or even an overlay network such as TailScale.<br>This however this would mean I have to install a VPN app first and configure it. What if someone else wants to watch videos too? They now have to install some VPN app on their TV. Too much work! I just want to be able to browse to a domain to access the site.</li>
-  <li>Get a VPN provider with a static IP. This is not ideal as most VPN providers do not provide static IPs, and if they do, they are quite costly.</li>
-  <li>Use a <a href="https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/">Cloudflare Tunnel</a>. I have used this in past, it is free, however it is not overly well suited for streaming video.&nbsp;<br>I am working towards a goal of being able to stream 4k video remotely.</li>
-</ul>
-<p>Instead, I am going to build my own cloud reverse proxy host.</p>
-<p>This makes use of a Virtual Private Server (VPS) to run Nginx Reverse Proxy Manager. The VPS will have access to the services running on my internal network via a WireGuard VPN.</p>
-<p>This will connect to my home network with a WireGuard VPN, and will run Reverse Proxy Manager to manage incoming web connections.&nbsp;</p>
-<p>To make this, I need a few things:</p>
-<ol>
-  <li>A VPS. There are many to choose from. In the end I went with a server from <a href="https://www.ovhcloud.com/en/">OVHcloud</a>.<ul>
-      <li>WireGuard is efficient compared to other VPN protocols, so the server does not have to be too powerful.</li>
-      <li>Be sure to check how much network traffic the VPS allows. Lots have limits, which may or may not be enough for your use case. I am streaming 4k video so I am looking for unlimited bandwidth.</li>
-    </ul>
-  </li>
-  <li>A router that allows for new VPN interfaces to be created. I use <a href="https://opnsense.org/">opnSense </a>for my router which does allow this.</li>
-</ol>
-<h1>VPS Setup</h1>
-<p>First I need to find a VPS provider. As I said before, I went with a server from <a href="https://www.ovhcloud.com/en/">OVHcloud</a>.</p>
-<p>The server I chose (VLE-4) costs $11 US per month.</p>
-<ul>
-  <li>4 vCores</li>
-  <li>4GB RAM</li>
-  <li>80 GB NVMe SSD</li>
-  <li>1 Gbps unmetered connection</li>
-  <li>1x Static IPv4 address</li>
-  <li>Anti-DDoS Protection Included</li>
-  <li>Ubuntu 23.04</li>
-</ul>
-<p>&nbsp;</p>
-<p>Once I purchased the server and it had provisioned, I connected and set up a few things.&nbsp;</p>
-<ol>
-  <li>Updated to Ubuntu 23.10</li>
-  <li>Enabled Key-Based only login: See this guide: <a href="https://www.digitalocean.com/community/tutorials/how-to-configure-ssh-key-based-authentication-on-a-linux-server">How To Configure SSH Key-Based Authentication on a Linux Server</a></li>
-  <li>Enable UFW Firewall<ul>
-      <li>Allow port 22(SSH), 51820/UDP(WireGuard), 443(HTTPS)<br><code>sudo ufw allow &lt;PORTS&gt;</code></li>
-      <li>Enable UFW<br><code>sudo ufw enable</code></li>
-    </ul>
-  </li>
-  <li>Enabled the edge firewall on my hosting provider.&nbsp;</li>
-</ol>
-<h1>VPN Setup</h1>
-<p>After this it is time to install WireGuard VPN on the VPS.</p>
-<p>For this, I mostly followed this guide: <a href="https://www.digitalocean.com/community/tutorials/how-to-set-up-wireguard-on-ubuntu-20-04">How To Set Up WireGuard on Ubuntu 20.04</a></p>
-<p>I recommend reading that guide as there are some decisions I made that I do not explain, but at a high level, I followed through the steps up to the end of step 6:</p>
-<ul>
-  <li>Install WireGurad</li>
-  <li>Create a new WireGuard private and public key pair:&nbsp;<br><code>wg genkey | sudo tee /etc/wireguard/private.key</code><br><code>sudo cat /etc/wireguard/private.key | wg pubkey | sudo tee /etc/wireguard/public.key</code></li>
-  <li>Chose a new IP range, I chose 10.0.20.0/24</li>
-  <li>Created a new WireGuard Configuration file:&nbsp;<br><code>/etc/wireguard/wg0.conf</code></li>
-</ul>
-<p>I was then able to start the WireGuard server, however I have still not yet added any peers. The guide explains how to do this on another Linux server, but in this case, I do not want to do that. Instead of step 7:</p>
-<p>This is done in the WireGuard Instance settings in my Router:</p>
-<figure class="image"><img src="/screenshot_2024-03-23_132217.png"></figure>
-<p>&nbsp;</p>
-<figure class="image"><img src="/screenshot_2024-03-31_175906.png"></figure>
-<p>Be sure to check the ‘Disable routes’ option in the Instance, as I will do this manually<br>For the gateway, it does not matter, just as long as it is unique.</p>
-<p>&nbsp;</p>
-<p>Then in the Peers tab:</p>
-<p>The Pubic Key is the Public key from the WireGuard Server on the VPS</p>
-<p>The Endpoint Address is the public IP of the VPS.</p>
-<figure class="image"><img src="/screenshot_2024-03-23_132626.png"></figure>
-<p>After this we can continue with the <a href="https://www.digitalocean.com/community/tutorials/how-to-set-up-wireguard-on-ubuntu-20-04">Digital Ocean guide</a> from step 8.</p>
-<p>The below command is then run to add the new opnSense peer to the Wireguard server.</p>
-<p><code>sudo wg set wg0 peer &lt;PUBLIC KEY&gt; allowed-ips 10.0.20.2</code></p>
-<p>After doing this, I can see the VPN connection is up:</p>
-<figure class="image"><img src="/screenshot_2024-03-23_132057.png"></figure>
-<p>&nbsp;</p>
-<p>In the end, my /etc/wireguard/wg0.conf file looked like:</p>
-<pre><code class="language-plaintext">[Interface]  
-Address = 10.0.20.1/24  
-SaveConfig = true  
-PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE  
-PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE  
-ListenPort = 51822  
-PrivateKey = &lt;SERVER PRIVATE KEY&gt;
-
-[Peer]  
-PublicKey = &lt;PEER PUBLIC KEY&gt;
-AllowedIPs = 10.0.20.0/24, 10.0.10.0/24  
-PersistentKeepalive = 25</code></pre>
-<p>&nbsp;</p>
-<h1>Network Setup</h1>
-<p>Now an interface needs to be created on my router for the new VPN connection so that I can configure firewall rules to allow and deny access.&nbsp;</p>
-<p>For opnSense, this is as simple as going to Interfaces &gt; Assignments, and adding the new interface&nbsp;</p>
-<figure class="image"><img src="/screenshot_2024-03-23_133915.png"></figure>
-<p>Then configure the settings as below:</p>
-<figure class="image"><img src="/screenshot_2024-03-23_133945.png"></figure>
-<p>You do not need to configure a IPv4 address, as this will automatically get the IP address specified of the Instance Tunnel Address.</p>
-<p>&nbsp;</p>
-<p>After this, I created the below firewall rule so that the new WireGuard interface could access the LAN.</p>
-<figure class="image"><img src="/screenshot_2024-03-23_221508.png"></figure>
-<p>&nbsp;</p>
-<p>If you have any strange issues, check the routing table (System &gt; Routes &gt; Status) to see if there are any old entries that need to be deleted.&nbsp;</p>
-<p>&nbsp;</p>
-<h1>Reverse Proxy</h1>
-<p>For the reverse Proxy I am using <a href="https://nginxproxymanager.com/">Nginx Reverse Proxy Manager </a>running in a Docker container.</p>
-<p>First, install Docker:<strong> </strong><a href="https://docs.docker.com/engine/install/ubuntu/">Install Docker Engine on Ubuntu</a></p>
-<p>Then I installed Portainer to give a nice webUI to manage Docker: <a href="https://docs.portainer.io/start/install-ce/server/docker/linux">Install Portainer CE with Docker on Linux</a></p>
-<p>Then in Portainer I made a new stack (docker compose).&nbsp;</p>
-<figure class="image"><img src="/screenshot_2024-03-23_222702.png"></figure>
-<p>&nbsp;</p>
-<p>I was then able to log into Reverse Proxy Manager and create the my domains in Reverse Proxy Manager</p>
-<figure class="image"><img src="/screenshot_2024-03-23_222930.png"></figure>
-<p>&nbsp;</p>
-<p>I also needed to point these domains to the public IP of my VPS.&nbsp;</p>
-<p>&nbsp;</p>
-<p>Once this was done, I was able to access the internal services via my domain name.&nbsp;<br>For example, this website!</p>
-<p>&nbsp;</p>