● ha작업)시놀로지 역방향프록시와 시놀로지 npm 인증서를 https구성하기 조건




컨텐츠 정보


본문

● ha작업)시놀로지 역방향프록시와 시놀로지 npm 인증서를 https구성하기 조건

정상가동되는 esxi서버에 haos를 구성 duckdns.org로 구성 사용중

1) npm가동> 시놀로지 도커 가동

2) 역방향 프록시설정

3) 인증서 설정

4) configuation.yaml 파일 구성

 기존 서버 서버vm종료후 신규 vm 작업으로 구성 작업


<<<작업 정보>>

1) npm가동> 시놀로지 도커 가동

3232235521_1718535381.7279.png

npm 포트 정보확인 및 공유기 포트포워드설정

3232235521_1718537715.5706.png

공유기 설

3232235521_1718537675.1255.png


NPM접속 81포트 인증서 발행및 구성

http://192.168.0.7:81/

3232235521_1718536234.5657.png

3232235521_1718536219.8308.png

proxy_set_header    Upgrade     $http_upgrade;

proxy_set_header    Connection  "upgrade";

를 상기 custom nginx configuation 애  추가합니다

인증서 생성 메뉴

3232235521_1718536324.2128.png

3232235521_1718536519.2255.png

정상적인 구성 조건에 완료된 상태 입니다


 duckdns.org 의 인증서 위치 확인

3232235521_1718535786.8756.png


인증서 추가 설치 조건 >  인증서 위치 확인  기존 인증서 불러오기로 구성

3232235521_1718535492.3899.png


자동 재구성을 위한 경로 복사 > 

cp /volume1/docker/npm/etc/letsencrypt/live/npm-2/*.*   /usr/syno/etc/certificate/_archive/1ehwGc/

3232235521_1718535873.2791.png

3232235521_1718535915.7068.png

2) 역방향 프록시설정

3232235521_1718536003.9979.png

3232235521_1718535997.1813.png

3232235521_1718535988.4018.png

3) 인증서 설정 > dns 연결

3232235521_1718536624.2177.png


4) configuation.yaml 파일 구성

 기존 서버 서버vm종료후 신규 vm 작업으로 구성 작업
ip를 동일하게 구성 >> 재부팅
3232235521_1718537047.0954.png

2개의 ip사용으로 1개만 이전과 동일하게 구성
3232235521_1718537151.3058.png
내부 ip로 접속
3232235521_1718537945.8446.png

외부 ip로 접속 안됨 > nas ip 추가 필요
 
3232235521_1718537903.8551.png

3232235521_1718538351.193.png

설정 내용 
# Loads default set of integrations. Do not remove.
default_config:

# Load frontend themes from the themes folder
frontend:
  themes: !include_dir_merge_named themes

automation: !include automations.yaml
script: !include scripts.yaml
scene: !include scenes.yaml

http:
  use_x_forwarded_for: true
  trusted_proxies:
    - 127.0.0.1 # local
    - ::1
    - 172.30.32.0/24 # ha dns info
    - 172.30.232.0/24 # ha dns info
    # 아래  https://ha.11q.duckdns.org 접속 조건
    - 192.168.0.0/24 # https://ha.11q.duckdns.org 접속 조건
    # - 192.168.0.7 # 또는 https://ha.11q.duckdns.org 접속 조건
    # 기본 ssl 도메인 사용중인 조건 구성
  # ssl_certificate: /ssl/fullchain.pem
  # ssl_key: /ssl/privkey.pem
  base_url: https://ha.11q.duckdns.org # https://ha.11q.duckdns.org 접속 조건
  cors_allowed_origins:
    - https://ha.11q.duckdns.org # https://ha.11q.duckdns.org 접속 조건
  server_port: 8123 # https://ha.11q.duckdns.org 접속 조건

homeassistant:
  external_url: https://ha.11q.duckdns.org # https://ha.11q.duckdns.org 접속 조건
  internal_url: http://192.168.0.35:8123
  name: Home
  latitude: 37.278944883
  longitude: 127.071503015
  elevation: 4
  # customize: !include customize.yaml
  media_dirs:
    media: /config/www/media
  # 외부포트 80 443 개방확인
  # https://www.yougetsignal.com/tools/open-ports/


https://ha.11q.duckdns.org/lovelace/apt

3232235521_1718537291.7015.png

상기와  관계없이  
3232235521_1718538694.8076.png

Login attempt failed
Login attempt or request with invalid authentication from 192.168.0.1 (192.168.0.1). See the log for details.


ProxyRemote "http://goodguys.example.com/" "http://mirrorguys.example.com:8000" ProxyRemote "*" "http://cleverproxy.localdomain" ProxyRemote "ftp" "http://ftpproxy. 내도메인:8080"
정보를 확인 하여 내도메인 https://ha.11q.duckdns.orghttp://192.168.0.35:8123 로 리버스 프록시 되는 조건으로 상기 구성으로 변경 해주세요

3232235521_1718540291.1546.png

root@www11q:/volume1/@docker/aufs/mnt/82856941967da7b47526a4ada29d517ee2b20420b8c88b79e666d8ef6c32bd0e/etc/apache2/sites-available# 

cd /volume1/@docker/aufs/mnt/82856941967da7b47526a4ada29d517ee2b20420b8c88b79e666d8ef6c32bd0e/etc/apache2/sites-available# 

편집>  000-default.conf


3232235521_1718559989.1393.png

3232235521_1718559913.9905.png



 000-default.conf

<VirtualHost *>
    ServerName 11q.duckdns.org
    ServerAlias *.11q.duckdns.org
    ServerAdmin sysadmin@11q.duckdns.org
    ProxyRequests Off
    ProxyPreserveHost On

    RewriteEngine On
    RewriteCond %{HTTP:Connection} Upgrade [NC]
    RewriteCond %{HTTP:Upgrade} websocket [NC]
    RewriteRule /(.*) ws://192.168.0.1/$1  [P,L]

    ProxyPass / http://192.168.0.1/ retry=1
    ProxyPassReverse / http://192.168.0.1/

    # 기존 설정
    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html
  # 기존 설정
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
=================>  해결이 안된다 

☞ https://11q.kr 에 등록된 자료 입니다. ♠ 정보찾아 공유 드리며 출처는 링크 참조 바랍니다♠1.png

뷰PDF add1,add2



관련자료

댓글 2

11qkr님의 댓글

root@www11q:/etc# find / -name httpd.conf
root@www11q:/etc# ^C
root@www11q:/etc# find / -name *default.conf
/usr/syno/etc.defaults/synocached/synocached.default.conf
/usr/syno/etc/synocached/synocached.default.conf
/usr/local/etc/apache24/sites-enabled/webstation-default.conf
/usr/local/etc/apache24/conf-enabled/.webstation.error_page.default.conf
/usr/local/etc/nginx/conf.d/.webstation.error_page.default.conf
/usr/local/etc/apache22/conf-enabled/.webstation.error_page.default.conf
/volume1/@docker/aufs/mnt/82856941967da7b47526a4ada29d517ee2b20420b8c88b79e666d8ef6c32bd0e/etc/apache2/sites-enabled/000-default.conf
/volume1/@docker/aufs/mnt/82856941967da7b47526a4ada29d517ee2b20420b8c88b79e666d8ef6c32bd0e/etc/apache2/sites-available/000-default.conf
/volume1/@docker/aufs/mnt/82856941967da7b47526a4ada29d517ee2b20420b8c88b79e666d8ef6c32bd0e/usr/lib/sysctl.d/50-default.conf
/volume1/@docker/aufs/mnt/d5a2622776bbbb7f9bd5ff3a1c327513bd857d2da812d90399cdf5ed837005a6/etc/nginx/conf.d/default.conf
/volume1/@docker/aufs/mnt/d5a2622776bbbb7f9bd5ff3a1c327513bd857d2da812d90399cdf5ed837005a6/etc/fonts/conf.d/11-lcdfilter-default.conf
/volume1/@docker/aufs/mnt/d5a2622776bbbb7f9bd5ff3a1c327513bd857d2da812d90399cdf5ed837005a6/usr/share/fontconfig/conf.avail/11-lcdfilter-default.conf
/volume1/@docker/aufs/mnt/d5a2622776bbbb7f9bd5ff3a1c327513bd857d2da812d90399cdf5ed837005a6/app/templates/default.conf
/volume1/@docker/aufs/diff/82856941967da7b47526a4ada29d517ee2b20420b8c88b79e666d8ef6c32bd0e/etc/apache2/sites-enabled/000-default.conf
/volume1/@docker/aufs/diff/82856941967da7b47526a4ada29d517ee2b20420b8c88b79e666d8ef6c32bd0e/etc/apache2/sites-available/000-default.conf
/volume1/@docker/aufs/diff/82856941967da7b47526a4ada29d517ee2b20420b8c88b79e666d8ef6c32bd0e/usr/lib/sysctl.d/50-default.conf
/volume1/@docker/aufs/diff/2d051aed7fbbbcc3cd0345f18aaf75bc611362c0e9293f833e37a4b5b440bd29/etc/fonts/conf.d/11-lcdfilter-default.conf
/volume1/@docker/aufs/diff/2d051aed7fbbbcc3cd0345f18aaf75bc611362c0e9293f833e37a4b5b440bd29/usr/share/fontconfig/conf.avail/11-lcdfilter-default.conf
/volume1/@docker/aufs/diff/96d41ce5b4c94af1e91cdb7e28d0b951e9d14372ad3d3506b0092cfd515e4d45/etc/fonts/conf.d/11-lcdfilter-default.conf
/volume1/@docker/aufs/diff/96d41ce5b4c94af1e91cdb7e28d0b951e9d14372ad3d3506b0092cfd515e4d45/usr/share/alsa/pcm/default.conf
/volume1/@docker/aufs/diff/96d41ce5b4c94af1e91cdb7e28d0b951e9d14372ad3d3506b0092cfd515e4d45/usr/share/alsa/ctl/default.conf
/volume1/@docker/aufs/diff/96d41ce5b4c94af1e91cdb7e28d0b951e9d14372ad3d3506b0092cfd515e4d45/usr/share/fontconfig/conf.avail/11-lcdfilter-default.conf
/volume1/@docker/aufs/diff/462b8f1a11d5f0d2959d9e4cd5a08095bfb1d22210768962f0a1499f2359a144/etc/fonts/conf.d/11-lcdfilter-default.conf
/volume1/@docker/aufs/diff/462b8f1a11d5f0d2959d9e4cd5a08095bfb1d22210768962f0a1499f2359a144/etc/fonts/conf.avail/11-lcdfilter-default.conf
/volume1/@docker/aufs/diff/462b8f1a11d5f0d2959d9e4cd5a08095bfb1d22210768962f0a1499f2359a144/usr/share/alsa/pcm/default.conf
/volume1/@docker/aufs/diff/462b8f1a11d5f0d2959d9e4cd5a08095bfb1d22210768962f0a1499f2359a144/usr/lib/sysctl.d/50-default.conf
/volume1/@docker/aufs/diff/d5a2622776bbbb7f9bd5ff3a1c327513bd857d2da812d90399cdf5ed837005a6/etc/nginx/conf.d/default.conf
/volume1/@docker/aufs/diff/4d6fed980e45b498cda6d07526f33c69cfe27b891525a08f51fe2db04d3ec957/etc/fonts/conf.d/11-lcdfilter-default.conf
/volume1/@docker/aufs/diff/4d6fed980e45b498cda6d07526f33c69cfe27b891525a08f51fe2db04d3ec957/etc/fonts/conf.avail/11-lcdfilter-default.conf
/volume1/@docker/aufs/diff/4d6fed980e45b498cda6d07526f33c69cfe27b891525a08f51fe2db04d3ec957/usr/share/alsa/pcm/default.conf
/volume1/@docker/aufs/diff/b67d368a2a6709fb012c93f1c40e2cc86a98fb905125a9b06e5b413ee87db7d7/app/templates/default.conf
/volume1/@docker/aufs/diff/e65fcebcac2af656e39aa3c264384156c3ea45f94e46aeee066ac41af05569b1/etc/nginx/conf.d/default.conf
/volume1/@appstore/Apache2.2/usr/local/etc/apache22/conf/extra/httpd-default.conf
/volume1/@appstore/ffmpeg/share/fontconfig/conf.avail/11-lcdfilter-default.conf
/volume1/@appstore/ffmpeg/etc/fonts/conf.d/11-lcdfilter-default.conf
/volume1/@appstore/Apache2.4/usr/local/etc/apache24/conf/extra/httpd-default.conf
/volume1/@appstore/WebStation/usr/local/etc/apache24/conf/extra/httpd-default.conf
/volume1/@appstore/SurveillanceStation/local_display/usr/etc/alsa/pcm/default.conf
/volume1/@appstore/SurveillanceStation/local_display.default/usr/etc/alsa/pcm/default.conf
/volume1/@appstore/DNSServer/etc/synodns.default.conf
/volume1/@appstore/DNSServer/named/etc/conf/named.options.default.conf
/volume1/@appstore/AudioStation/etc/audio_default.conf
/volume4/@appstore/AudioStation/etc/audio_default.conf
/volume4/@appstore/Apache2.4/usr/local/etc/apache24/conf/extra/httpd-default.conf
/volume4/@appstore/EmbyServer/share/fontconfig/conf.avail/11-lcdfilter-default.conf
/volume4/@appstore/DownloadStation/pyload/module/config/default.conf
/volume4/@appstore/DownloadStation/pyload/module/web/servers/lighttpd_default.conf
/volume4/@appstore/DownloadStation/pyload/module/web/servers/nginx_default.conf
/volume2/@appstore/DownloadStation/pyload/module/config/default.conf
/volume2/@appstore/DownloadStation/pyload/module/web/servers/nginx_default.conf
/volume2/@appstore/DownloadStation/pyload/module/web/servers/lighttpd_default.conf
/var/packages/SMBService/conf/smbinfo_default.conf
/var/tmp/nginx/test/plugin_config/conf.d/.webstation.error_page.default.conf
root@www11q:/etc#

11qkr님의 댓글

역방향 프록시? [해결] 시놀로지 https 역방향 프록시 접속 불가 문제 3
https://www.clien.net/service/board/cm_nas/18487858
https://itslog.tistory.com/m/206



♥간단_메모글♥


최근글


새댓글



PHP 안에 HTML ☞ 홈페이지 화면갱신 시간은 ♨
▶ 2024-11-05 06:00:19

오늘의 홈 현황


  • 현재 접속자♨ 109 명
  • 오늘 가입자※ 0 명
  • 어제 가입자※ 3 명
  • 주간 가입자※ 8 명
  • 오늘 방문자 1,054 명
  • 어제 방문자 2,210 명
  • 최대 방문자 13,042 명
  • 전체 방문자 4,759,240 명
  • 전체 게시물※ 8,838 개
  • 전체 댓글수※ 25,183 개
  • 전체 회원수 11,298 명

QR코드


☞ QR코드 스캔은 kakao앱 자체 QR코드

알림 0








최신글↑