Nginx Reverse Proxy and CODE-Server on two different machines

Installation & Configuration
1

Hi guys!
I have Proxmox with several lxc and VMs running. One lxc is running Nginx as a reverse proxy and is exposing some of the machines to the internet.
Recently I have set up a CODE-Server (lxc) for my nextcloud. Here I wanna have the same setup: CODE-Server on one machine and the nginx machine I use for all my other services.

I have some problems of understanding I guess:

Does CODE has his own Webserver or do I need NGINX (for example) to serve it? Because actually I don’t have nginx or apache serving it. I just have a virtual hosts on my machine with the reverse proxy and there I messed something up. Here is my config:

server {
        listen 443 ssl http2;
        listen [::]:443 ssl http2;
        server_name my.fqdn.de;

        # SSL configuration
        # RSA certificates
        ssl_certificate /etc/letsencrypt/my.fqdn.de/rsa/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/my.fqdn.de/rsa/key.pem;
        # ECC certificates
        ssl_certificate /etc/letsencrypt/my.fqdn.de/ecc/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/my.fqdn.de/ecc/key.pem;

        # This should be ca.pem (certificate with the additional intermediate certificate)
        # See here: https://certbot.eff.org/docs/using.html
        # ECC
        ssl_trusted_certificate /etc/letsencrypt/my.fqdn.de/ecc/ca.pem;

        # Include SSL configuration
        include /etc/nginx/snippets/ssl.conf;


        if ($allowed_country = no) {
                 return 444;
        }


        keepalive_timeout 65;

        # Allow large attachments
        client_max_body_size 128M;


 # static files
 
 
 location ^~ /browser {
   proxy_pass http://172.xx.xx.xx:9980;
   proxy_set_header Host $http_host;
}

 # WOPI discovery URL

 location ^~ /hosting/discovery {
   proxy_pass http://172.xx.xx.xx:9980;
   proxy_set_header Host $http_host;
 }

 # Capabilities

 location ^~ /hosting/capabilities {
   proxy_pass http://172.xx.xx.xx:9980;
   proxy_set_header Host $http_host;
}

 # main websocket

 location ^~ /cool/(.*)/ws$ {
   proxy_pass http://172.xx.xx.xx:9980;
   proxy_set_header Upgrade $http_upgrade;
   proxy_set_header Connection "Upgrade";
   proxy_set_header Host $http_host;
   proxy_read_timeout 36000s;
}

 # download, presentation and image upload

 location ^~ /(c|l)ool {
   proxy_pass http://172.xx.xx.xx:9980;
   proxy_set_header Host $http_host;
 }

 # Admin Console websocket

 location ^~ /cool/adminws {
   proxy_pass http://172.xx.xx.xx:9980;
   proxy_set_header Upgrade $http_upgrade;
   proxy_set_header Connection "Upgrade";
   proxy_set_header Host $http_host;
   proxy_read_timeout 36000s;
 }
}

Due to the logs that runns just in a 404 because it is searching for /etc/nginx/html and that is totally wrong.

If I change the location part to just / it is going to the CODE-Server machine but I get, of course, a timed-out.

I hope I could explain it good enough, if not I’m happy to give more information.

Thanks a lot! :slight_smile: I’m happy for every hint!

2

Hello,

You can user a reverse proxy to provide ssl encryption instead of using ssl direct on CODE, that’s my setup. It’s almost identical to yours, except that I use same reverse proxy to nextcloud and CODE, so my domain is just one.

With that in mind, I disabled SSL on CODE and nextcloud. They run as two docker containers in backend with special network and firewall configs. I think this way is simpler, and I’m able to point nextcloud to CODE using web interface and https://mydomain.

3

Hi,

A good documentation : https://sdk.collaboraonline.com/CO-SDK-manual.pdf

Regards