Answer the question
In order to leave comments, you need to log in
Several servers with SSL, one external IP, mikrotik. How?
Friends, I need help setting it up.
There is one external IP address that goes to the Mikrotik router. Behind it is an already configured and working NextCloud server with a Lets'nCrypt SSL certificate installed via snap. Now there is a need to raise a few more different servers for web sites, which will also receive an SSL certificate. OnlyOffice is also installed on the NextCloud server on the third-level domain onlyoffice.*****.ru in order for everything to work well from the external network and an SSL certificate is also connected to it.
How can I make the following diagram:
On a separate machine, I want to set up a web server that will send requests to other servers on the network. It is not difficult to do this without SSL, but with certificates I fell into a stupor. I tried to deploy VestaCP on a separate machine. Is it possible to somehow make it so that when contacting the address nextcloud.ru (name for example), the request is sent to the server with VestaCP, and from there it is already sent to the server where Nextcloud is installed. At the same time, so that there are no SSL certificate errors and it is possible to create other web pages on VestaCP also with SSL. Or through some other web server control panel.
For example, we have the following addresses:
1.1.1.1 - external address
192.168.1.10 - Nextcloud address
192.168.1.20 - VestaCP address
Help with advice, I'm sure there is an instruction on how to do this, but I can not correctly form a request to Google. I heard about SNI, but again - I don’t really understand how to implement it. Thank you all in advance.
Answer the question
In order to leave comments, you need to log in
The issue was resolved.
The solution is as follows (if anyone needs it):
We redirect all requests from outside (and from the internal network) to the web server with the message. We create a site on it with the name that is used on another web server (for example: I already had a nextcloud with an SSL certificate installed on another VM, the site address for example is nextcloud.ru) and check that it is available via http. Further, through the vesta console itself, we get an ssl certificate for it. Then we go to the folder of this very site, where the settings for Apache and ngix are located, by default - /home/username/conf/. There we find nextcloud.ru.nginx.conf and replace the proxy_pass parameter with the ip address and port of the server where the service is installed (or the website is hosted). After that, everything immediately worked.
PS I also think that in the site settings in the Vesta control panel there should be a checkmark "Proxy NGINX support"
Thanks to all who responded!
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question