Et c'est une victoire de canard !!!
Pour info, pour ceux que ça intéresse, voici ma conf pour un accès en :
https://ssh.domaine.fr
GateOne tourne sur le port 9000 car j'ai déjà une écoute sur le 8080 :
"/etc/nginx/sites-enabled/gateone.conf"
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 443 ssl;
server_name ssh.domaine.fr;
access_log /var/log/nginx/ssh-access.log combined;
error_log /var/log/nginx/ssh-error.log error;
auth_basic "";
auth_basic_user_file /etc/nginx/passwd/<fichier_rutorrent>;
ssl_certificate /etc/nginx/keys/<certif_ssl>;
ssl_certificate_key /etc/nginx/keys/<clef_ssl>;
location / {
proxy_buffering off;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_pass http://127.0.0.1:9000;
}
}
port = 9000
url_prefix = "/"
https_redirect = False
disable_ssl = True
address = "127.0.0.1"
origins = "https://ssh.domaine.fr"
ssl_auth = "none"
iptables :
-A INPUT -p tcp --dport 9000 -j ACCEPT
Enjoy
