El 6/7/22 a las 10:47, Francis Daly escribió:
On Tue, Jul 05, 2022 at 12:53:05PM +0000, Daniel Armando Rodriguez via nginx
wrote:
El 2022-07-02 08:24, Francis Daly escribió:
On Fri, Jun 24, 2022 at 04:23:54PM -0300, Daniel Armando Rodriguez
wrote:
Hi there,
Made this representation to illustrate the situation.
https://i.postimg.cc/Zq1Ndyws/scheme.png
What I need to do is allowing traefik "black" box to negotiate SSL
certificate directly with Let's Encrypt, that was intended to be referred as
stream.
I think you are saying that you want nginx to be a "plain" tcp-forwarder
in this case.
(I'm not certain *why* that matters here, but that's ok; I don't need
to understand it ;-) .)
Doeshttp://nginx.org/en/docs/stream/ngx_stream_proxy_module.html work
for you?
Something like
==
stream {
server {
listen nginx-ip:443;
proxy_pass traefik-ip:443;
}
}
==
(If you have a stream listener on an IP:port, you cannot also have a
http listener on that same IP:port.)
Your picture also shows some blue lines on the left-hand
side, so it may be that you also want something like
http://nginx.org/en/docs/stream/ngx_stream_ssl_preread_module.html,
to choose which "upstream" to proxy_pass to, depending on the server
name presented in the SSL connection to nginx.
Cheers,
f
Nginx is actually working as RP for several subdomains for which is also
SSL termination. The traefik box is out of my scope, but it has the
ability to negotiate TLS certificates for its own. That's why I need to
forward just specific subdomain TCP traffic to it.
________________________________________________
*Daniel A. Rodriguez*
/Informática, Conectividad y Sistemas/
Universidad Nacional del Alto Uruguay
San Vicente - Misiones - Argentina
informatica.unau.edu.ar <https://informatica.unau.edu.ar>
_______________________________________________
nginx mailing list -- nginx@nginx.org
To unsubscribe send an email to nginx-le...@nginx.org
