-
Notifications
You must be signed in to change notification settings - Fork 0
06 NGINX
Aephir edited this page May 3, 2018
·
1 revision
See: https://github.com/Aephir/HomeAssistant2/issues/14
sudo apt-get install nginx -y
sudo mkdir /etc/nginx/ssl && cd /etc/nginx/ssl
sudo openssl dhparam -out dhparams.pem 2048
sudo nano /etc/nginx/sites-available/hass
This takes a while. Do something useful... or not.
sudo nano /etc/nginx/sites-available/hass
Insert:
#map $http_upgrade $connection_upgrade {
# default upgrade;
# '' close;
#}
server {
listen 80;
server_name *.duckdns.org;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name *****MY.duckdns.org*****;
ssl on;
ssl_certificate /etc/letsencrypt/live/*****MY.duckdns.org*****/fullchain.pem; # /etc/nginx/cert.crt;
ssl_certificate_key /etc/letsencrypt/live/*****MY.duckdns.org*****/privkey.pem; # /etc/nginx/cert.key;
ssl_session_cache shared:SSL:10m;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
ssl_prefer_server_ciphers on;
proxy_buffering off;
location / {
proxy_pass *****http://192.168.0.160:8123*****;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
location /api/appdaemon/ {
allow all;
proxy_pass *****http://192.168.0.160:5050*****;
proxy_set_header Host $host;
proxy_redirect http:// http://;
}
}
Then:
cd /etc/nginx/sites-enabled
sudo unlink default
sudo ln ../sites-available/hass default
sudo /etc/init.d/nginx start
Forward TCP port 80 and port 443 on your router to the internal IP of your Raspberry pi