| gateway server == yunohost == nosignal.hopto.org (192.168.1.120) | proxy server == nextcloudpi (odroid-hc2_4T_HDD) == nopost.hopto.org (192.168.1.110) | | public ip == 211.108.178.33 | ddns to this ip == nosignal.hopto.org, nopost.hopto.org, nomatter.hopto.org | gateway server configurations ----------------------------- cat /etc/hosts ---- .. code-block:: text 127.0.0.1 localhost 127.0.1.1 yunohost.yunohost.org yunohost # The following lines are desirable for IPv6 capable hosts ::1 localhost ip6-localhost ip6-loopback ff02::1 ip6-allnodes ff02::2 ip6-allrouters 192.168.1.150 nextcloud.local nextcloud 192.168.1.110 nextcloudpi.local nextcloudpi cat /etc/nginx/conf.d/nopost.hopto.org.d/proxy.conf ---- .. code-block:: nginx location / { proxy_pass https://192.168.1.110; proxy_set_header Host $host; if ($scheme = http) { rewrite ^ https://$server_name$request_uri? permanent; } proxy_buffering off; tcp_nodelay on; } *nopost.hopto.org is dedicated only for this proxy server. no other app is using it.* cat /etc/ssowat/conf.json ---- .. code-block:: json { "additional_headers": { "Auth-User": "uid", "Email": "mail", "Name": "cn", "Remote-User": "uid" }, "domains": [ "nopost.hopto.org", "nomatter.hopto.org", "nosignal.hopto.org" ], "portal_domain": "nosignal.hopto.org", "portal_path": "/yunohost/sso/", "protected_regex": [], "protected_urls": [], "redirected_regex": { "nosignal.hopto.org/yunohost[\\/]?$": "https://nosignal.hopto.org/yunohost/sso/" }, "redirected_urls": {}, "skipped_regex": [ "nopost%.hopto%.org/%.well%-known/.*", "^[^/]*/%.well%-known/acme%-challenge/.*$", "^[^/]*/%.well%-known/autoconfig/mail/config%-v1%.1%.xml.*$" ], "skipped_urls": [ "nosignal.hopto.org/pad", "nopost.hopto.org/yunohost/admin", "nopost.hopto.org/yunohost/api", "nomatter.hopto.org/yunohost/admin", "nomatter.hopto.org/yunohost/api", "nosignal.hopto.org/yunohost/admin", "nosignal.hopto.org/yunohost/api", ], "unprotected_regex": [], "unprotected_urls": [ "nosignal.hopto.org/flarum", "nosignal.hopto.org/gitlab", "nosignal.hopto.org/grav", "nosignal.hopto.org/jupyterlab", "nosignal.hopto.org/kanboard/jsonrpc.php", "nomatter.hopto.org", "nosignal.hopto.org/nextcloud", "nosignal.hopto.org/SOGo", "nopost.hopto.org" ], "users": { "doohoyi": { "nomatter.hopto.org/": "Mattermost", "nosignal.hopto.org/SOGo": "SOGo", "nosignal.hopto.org/airsonic": "Airsonic", "nosignal.hopto.org/distbin": "Distbin", "nosignal.hopto.org/flarum": "Flarum", "nosignal.hopto.org/gitlab": "Gitlab", "nosignal.hopto.org/grav": "Grav", "nosignal.hopto.org/jupyterlab": "JupyterLab", "nosignal.hopto.org/kanboard": "Kanboard", "nosignal.hopto.org/nextcloud": "Nextcloud", "nosignal.hopto.org/pad": "Etherpad Mypads", "nosignal.hopto.org/phpmyadmin": "phpMyAdmin", "nosignal.hopto.org/rainloop": "Rainloop", "nosignal.hopto.org/riot": "Riot", "nosignal.hopto.org/site": "Multi custom webapp", "nosignal.hopto.org/strut": "Strut", "nosignal.hopto.org/torrent": "Transmission" }, "wonjung": { "nomatter.hopto.org/": "Mattermost", "nosignal.hopto.org/SOGo": "SOGo", "nosignal.hopto.org/airsonic": "Airsonic", "nosignal.hopto.org/distbin": "Distbin", "nosignal.hopto.org/flarum": "Flarum", "nosignal.hopto.org/gitlab": "Gitlab", "nosignal.hopto.org/grav": "Grav", "nosignal.hopto.org/jupyterlab": "JupyterLab", "nosignal.hopto.org/kanboard": "Kanboard", "nosignal.hopto.org/nextcloud": "Nextcloud", "nosignal.hopto.org/pad": "Etherpad Mypads", "nosignal.hopto.org/rainloop": "Rainloop", "nosignal.hopto.org/riot": "Riot", "nosignal.hopto.org/site": "Multi custom webapp", "nosignal.hopto.org/strut": "Strut", "nosignal.hopto.org/torrent": "Transmission" } } } *only "nopost.hopto.org" is added to "unprotected_urls"*