diff --git a/reverse_proxy.md b/reverse_proxy.md index f298d03..7ca43bc 100644 --- a/reverse_proxy.md +++ b/reverse_proxy.md @@ -1,9 +1,9 @@ -### Reverse Proxy using a VPS +# Reverse Proxy using a VPS This is a guide to create a reverse proxy using a Virtual Private Server, or VPS so that you can access internally hosted services.  -# My Situation +## My Situation I host some services from my home lab that I access remotely, such as Home Assistant.  @@ -18,7 +18,7 @@ I have configured a router of my own with, with all traffic sent via [Mullvad VP Now I need to be able to access my internal services externally, using this same internet connection. -# The Plan +## The Plan There are some ways I can do this: @@ -41,7 +41,7 @@ To make this, I need a few things: - Be sure to check how much network traffic the VPS allows. Lots have limits, which may or may not be enough for your use case. I am streaming 4k video so I am looking for unlimited bandwidth. 2. A router that allows for new VPN interfaces to be created. I use [opnSense](https://opnsense.org/) for my router which does allow this. -# VPS Setup +## VPS Setup First I need to find a VPS provider. As I said before, I went with a server from [OVHcloud](https://www.ovhcloud.com/en/). @@ -66,7 +66,7 @@ Once I purchased the server and it had provisioned, I connected and set up a few `sudo ufw enable` 4. Enabled the edge firewall on my hosting provider.  -# VPN Setup +## VPN Setup After this it is time to install WireGuard VPN on the VPS. @@ -95,9 +95,8 @@ For the gateway, it does not matter, just as long as it is unique. Then in the Peers tab: -The Pubic Key is the Public key from the WireGuard Server on the VPS - -The Endpoint Address is the public IP of the VPS. +- The Pubic Key is the Public key from the WireGuard Server on the VPS +- The Endpoint Address is the public IP of the VPS. ![](images/wireguard_peer.png) @@ -128,7 +127,7 @@ AllowedIPs = 10.0.20.0/24, 10.0.10.0/24 PersistentKeepalive = 25 ``` -# Network Setup +## Network Setup Now an interface needs to be created on my router for the new VPN connection so that I can configure firewall rules to allow and deny access.  @@ -148,7 +147,7 @@ After this, I created the below firewall rule so that the new WireGuard interfac If you have any strange issues, check the routing table (System > Routes > Status) to see if there are any old entries that need to be deleted.  -# Reverse Proxy +## Reverse Proxy For the reverse Proxy I am using [Nginx Reverse Proxy Manager](https://nginxproxymanager.com/) running in a Docker container.