Hello Univention gurus… I’ve been running a UCS VM as my main website for several years now and love it. I have figured out how to change the apache2 reverse proxy to incorporate subdirectories that point to other webapps on my network e.g. www domain com/forum/ or www mydomain com/ombi and I have also figured out how to create a subdomain for an external app e.g. https:// kasm mydomain com and these work perfectly and get covered by Let’s Encrypt certs. But recently I’ve been trying to incorporate the Nginx Proxy Manager https://nginxproxymanager.com/ and I just haven’t had any luck incorporating my already running UCS behind this new Reverse Proxy. Anyone already using it or might be able to give me pointers. I’d even love it if someone told me this was a bad idea and provided some logic. So far I’ve gotten it to show the congrats page, so I know the NPM is working. But no matter what settings I put in I can’t get to UCS pages at all through NPM. I’d appreciate any help or suggestions.
Thanks!
I am interested in this too. I have been unsure how best to place UCS and it’s various service (Portal, Nextcloud, Bitwarden, etc) behind a reverse proxy so as to be assessable remotely/outside the LAN. I run other docker containers on another system behind HA Proxy and have that working fine. Some common sense do or don’t with regard to UCS and a proxy would be great.
Having UCS accessible outside the LAN is what it’s made for. So that’s not an issue at all. I port forward 80,443,587 and 25 from my wan to my UCS VM. UCS is already running a reverse proxy of apache2. But what that means is that if you can get to www yourdomain com/wordpress then you can get to every other service that UCS provides natively. You can also edit apache2 so that you incorporate your other docker containers. I’m doing that now as well.
My use case for NPM is kind of stupid but I wanted to test it and I just couldn’t get it to work. If you’re just looking for a way to have a reverse proxy in front, have you seen this post? https://wiki.univention.de/index.php/Cool_Solution_-_Reverse_Proxy_for_UCS_Portal_and_Services
It’s not what I want but it might work for you. Has HAproxy and nginx proper
Thanks, I read that article and it is helpful. Though I think in my setup I would prefer running the Reverse Proxy on my Firewall not necessarily on the UCS system. Seems like I would then be running two proxies, maybe not ideal either.
Directly exposing UCS to the internet might be best.