Jump to content
Not connected, Your IP: 18.222.161.245
YeloHowArEYoU

Run web-server behind AirVPN with NGINX + domain - HOW?!

Recommended Posts

Posted ... (edited)

Hey!

I have managed to set up VPN on my VPS so I know can connect via SSH to vpn ip + port.
My domain is also pointed to the IP by an A-record and resolves fine when ping domain.com.

But I just dont understand how to configure the nginx config correctly so domain.com corresponds with the VPN IP.

Ive tried putting the open port here and there in my nginx config but the closest I've come is
http://VPNIP:port which works
[does not load https though!]

So I am now after hours of trying kindly asking a brainiac from here to help me.


##################################

server {
    server_name domain.com;
    root /var/www/website/public;

    index index.php;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_pass unix:/run/php/php8.2-fpm.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }


    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

server {
    if ($host = domain.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    listen 80;
    server_name domain.com;
    return 404; # managed by Certbot


}


##################################

I've reverted to the original config that worked before I enabled VPN on the server. With the above domain.com loads fine and sends to https://.

VALUES FOR DEMONSTRATION
Domain: domain.com
PrivateIP: 0.0.0
VPN IP: 1.1.1
Non-VPN-Server IP: 5.5.5
Open ports: 11, 22, 33, 44, 55
VALUES FOR DEMONSTRATION

Is there aaanyone that perhaps already have done it and have a ready copy paste config?

10000 Thanks!!!!!!!!!!!!!!!!!

Edit: I've seen this



 but I can't or well I DONT KNOW HOW to apply this in my case....



TL;DR
I want to be able to visit domain.com which is hosted on a webserver, thats behind an AirVPN (without doing https//domain.com:p
ort).

Edited ... by YeloHowArEYoU

Share this post


Link to post
4 hours ago, YeloHowArEYoU said:

But I just dont understand how to configure the nginx config correctly so domain.com corresponds with the VPN IP.


Actually, this is not necessary at all unless you don't want that server to be reachable on the physical interface.
 
4 hours ago, YeloHowArEYoU said:
I want to be able to visit domain.com which is hosted on a webserver, thats behind an AirVPN (without doing https//domain.com:port).

Well, you will need to specify the port at all times. If you don't want that, you absolutely need a reachable port 80/443 on some machine reverse-proxying requests to the domain.com machine.

NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post
23 hours ago, YeloHowArEYoU said:

Sounds like advanced stuff so I guess I give up. Very hard to find ANY tutorials about this too! Thanks for your input :)


Reverse-proxying is quite easy. The more difficult part comes from the fact that you can't forward port 80/443 with AirVPN, so regular webhosting behind a VPN server is impossible.
It becomes possible if you point domain.com at a machine with a webserver listening on the regular HTTP ports, and which proxies requests to the machine behind AirVPN. The DDNS feature comes in handy here – this way there's no need to keep track of any IPs, the DDNS name always points at the hosting machine behind AirVPN. But then you have to wonder – why even host something behind AirVPN if you can host on whatever machine listens on the HTTP ports?

By the way, on-topic but diverges a little: If nginx syntax is too much for you, I recommend Caddy. The syntax is much easier to grasp and consists of { } config blocks for the domains/IPs you want to host. Best part: HTTPS is enabled and issued with Let's Encrypt by default. A simple Caddyfile for hosting files is literally 2-3 lines.

NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post
5 hours ago, OpenSourcerer said:

Reverse-proxying is quite easy. The more difficult part comes from the fact that you can't forward port 80/443 with AirVPN, so regular webhosting behind a VPN server is impossible.
It becomes possible if you point domain.com at a machine with a webserver listening on the regular HTTP ports, and which proxies requests to the machine behind AirVPN. The DDNS feature comes in handy here – this way there's no need to keep track of any IPs, the DDNS name always points at the hosting machine behind AirVPN. But then you have to wonder – why even host something behind AirVPN if you can host on whatever machine listens on the HTTP ports?

By the way, on-topic but diverges a little: If nginx syntax is too much for you, I recommend Caddy. The syntax is much easier to grasp and consists of { } config blocks for the domains/IPs you want to host. Best part: HTTPS is enabled and issued with Let's Encrypt by default. A simple Caddyfile for hosting files is literally 2-3 lines.

Thanks a lot for such informative input OpenSourcerer. Appreciate it!

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...