Compare commits
2 Commits
daf9b1a015
...
init-repo-
| Author | SHA1 | Date | |
|---|---|---|---|
|
4772c708f1 | ||
|
|
6572d2bda7 |
@@ -12,6 +12,8 @@ This repository is a collection of ideas for courses.
|
||||
|
||||
## Ideas
|
||||
|
||||
- [Reverse Proxy Setup with Nginx](ideas/reverse-proxy-setup-with-nginx.md)
|
||||
|
||||
## Courses
|
||||
|
||||
### Beginner
|
||||
|
||||
197
ideas/reverse-proxy-setup-with-nginx.md
Normal file
197
ideas/reverse-proxy-setup-with-nginx.md
Normal file
@@ -0,0 +1,197 @@
|
||||
# Reverse Proxy Setup with NGINX and BIND on Alpine Linux
|
||||
|
||||
This setup should give you a basic reverse proxy configuration using NGINX and a DNS server using BIND on Alpine Linux.
|
||||
|
||||
## Table of Contents
|
||||
|
||||
- [Reverse Proxy Setup with NGINX and BIND on Alpine Linux](#reverse-proxy-setup-with-nginx-and-bind-on-alpine-linux)
|
||||
- [Table of Contents](#table-of-contents)
|
||||
- [Introduction](#introduction)
|
||||
- [Prerequisites](#prerequisites)
|
||||
- [Steps](#steps)
|
||||
- [Step 1: Install Required Packages](#step-1-install-required-packages)
|
||||
- [Step 2: Configure BIND DNS Server](#step-2-configure-bind-dns-server)
|
||||
- [Edit the BIND Configuration](#edit-the-bind-configuration)
|
||||
- [Define Your Zone](#define-your-zone)
|
||||
- [Create Zone File](#create-zone-file)
|
||||
- [Start BIND](#start-bind)
|
||||
- [Step 3: Configure NGINX as a Reverse Proxy](#step-3-configure-nginx-as-a-reverse-proxy)
|
||||
- [Edit NGINX Main Configuration](#edit-nginx-main-configuration)
|
||||
- [Create Server Block Configuration](#create-server-block-configuration)
|
||||
- [Set the Webroot Directory](#set-the-webroot-directory)
|
||||
- [Start NGINX](#start-nginx)
|
||||
- [Step 4: Adjust Firewall Rules (if necessary)](#step-4-adjust-firewall-rules-if-necessary)
|
||||
- [Summary of Important Configuration File Locations](#summary-of-important-configuration-file-locations)
|
||||
- [Final Notes](#final-notes)
|
||||
|
||||
## Introduction
|
||||
|
||||
Setting up a reverse proxy with NGINX as the HTTP server and BIND as the DNS server on Alpine Linux involves several steps. Below is an outline of the setup, including important configuration file locations.
|
||||
|
||||
## Prerequisites
|
||||
|
||||
- Alpine Linux installed
|
||||
- Root access or sudo privileges
|
||||
|
||||
## Steps
|
||||
|
||||
| # | Step | Description |
|
||||
| --- | ---------------------------------- | ------------------------------------------------- |
|
||||
| 1 | Install Required Packages | Install NGINX and BIND |
|
||||
| 2 | Configure BIND DNS Server | Edit BIND configuration and create zone file |
|
||||
| 3 | Configure NGINX as a Reverse Proxy | Create a server block configuration for your site |
|
||||
| 4 | Adjust Firewall Rules | Allow traffic on ports 80 (HTTP) and 53 (DNS) |
|
||||
|
||||
### Step 1: Install Required Packages
|
||||
|
||||
First, you need to install NGINX and BIND. Open your terminal and run the following command:
|
||||
|
||||
```bash
|
||||
apk add nginx bind
|
||||
```
|
||||
|
||||
### Step 2: Configure BIND DNS Server
|
||||
|
||||
BIND will serve as your DNS server. The main configuration file is usually located at `/etc/bind/named.conf`.
|
||||
|
||||
#### Edit the BIND Configuration
|
||||
|
||||
```bash
|
||||
vi /etc/bind/named.conf
|
||||
```
|
||||
|
||||
#### Define Your Zone
|
||||
|
||||
Add a zone definition for your domain. For example:
|
||||
|
||||
```bash
|
||||
zone "example.com" {
|
||||
type master;
|
||||
file "/etc/bind/db.example.com";
|
||||
};
|
||||
```
|
||||
|
||||
#### Create Zone File
|
||||
|
||||
Create a zone file for your domain:
|
||||
|
||||
```bash
|
||||
vi /etc/bind/db.example.com
|
||||
```
|
||||
|
||||
Sample content for `db.example.com`:
|
||||
|
||||
```dns
|
||||
$TTL 86400
|
||||
@ IN SOA ns.example.com. admin.example.com. (
|
||||
2024102701 ; Serial
|
||||
3600 ; Refresh
|
||||
1800 ; Retry
|
||||
604800 ; Expire
|
||||
86400 ) ; Negative Cache TTL
|
||||
|
||||
@ IN NS ns.example.com.
|
||||
ns IN A 10.0.0.1 ; Replace with your server's IP
|
||||
www IN A 10.0.0.1 ; Replace with your server's IP
|
||||
```
|
||||
|
||||
#### Start BIND
|
||||
|
||||
Start the BIND service and enable it to run on boot:
|
||||
|
||||
```bash
|
||||
rc-service named start
|
||||
rc-update add named
|
||||
```
|
||||
|
||||
### Step 3: Configure NGINX as a Reverse Proxy
|
||||
|
||||
NGINX will act as a reverse proxy, forwarding requests to the backend server. The main configuration file for NGINX is located at `/etc/nginx/nginx.conf`, but you should create a specific server block configuration file for your site.
|
||||
|
||||
#### Edit NGINX Main Configuration
|
||||
|
||||
```bash
|
||||
vi /etc/nginx/nginx.conf
|
||||
```
|
||||
|
||||
Ensure that the following line is included to load additional configuration files:
|
||||
|
||||
```nginx
|
||||
include /etc/nginx/conf.d/*.conf;
|
||||
```
|
||||
|
||||
#### Create Server Block Configuration
|
||||
|
||||
Create a new configuration file for your site:
|
||||
|
||||
```bash
|
||||
vi /etc/nginx/conf.d/example.com.conf
|
||||
```
|
||||
|
||||
Sample configuration:
|
||||
|
||||
```nginx
|
||||
server {
|
||||
listen 80;
|
||||
server_name www.example.com;
|
||||
|
||||
location / {
|
||||
proxy_pass http://10.0.0.2; # Replace with your backend server address
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
#### Set the Webroot Directory
|
||||
|
||||
If you want to serve static files, you can set the webroot:
|
||||
|
||||
```nginx
|
||||
location / {
|
||||
root /www; # Your web root directory
|
||||
index index.html index.htm;
|
||||
}
|
||||
```
|
||||
|
||||
#### Start NGINX
|
||||
|
||||
Start the NGINX service and enable it to run on boot:
|
||||
|
||||
```bash
|
||||
rc-service nginx start
|
||||
rc-update add nginx
|
||||
```
|
||||
|
||||
### Step 4: Adjust Firewall Rules (if necessary)
|
||||
|
||||
If you are using a firewall, make sure to allow traffic on port 80 (HTTP) and 53 (DNS):
|
||||
|
||||
```bash
|
||||
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
|
||||
iptables -A INPUT -p udp --dport 53 -j ACCEPT
|
||||
```
|
||||
|
||||
## Summary of Important Configuration File Locations
|
||||
|
||||
- **BIND Configuration:**
|
||||
|
||||
- Main config: `/etc/bind/named.conf`
|
||||
- Zone file: `/etc/bind/db.example.com`
|
||||
|
||||
- **NGINX Configuration:**
|
||||
- Main config: `/etc/nginx/nginx.conf`
|
||||
- Site-specific config: `/etc/nginx/conf.d/example.com.conf`
|
||||
- Webroot: `/www`
|
||||
|
||||
## Final Notes
|
||||
|
||||
- Ensure to replace `example.com` and `backend_server_address` with your actual domain and backend server address.
|
||||
- After making changes, you may need to reload BIND and NGINX to apply the new configurations:
|
||||
|
||||
```bash
|
||||
rc-service named reload
|
||||
rc-service nginx reload
|
||||
```
|
||||
Reference in New Issue
Block a user