
This guide walks you through setting up Nginx on Rocky Linux to serve as a reverse proxy for Proxmox using HTTPS on a subdomain. Proxmox VE is a comprehensive open-source platform for enterprise virtualization that tightly integrates KVM hypervisor and LXC containers, software-defined networking, and storage. This setup allows you to manage virtual machines, containers, highly available clusters, storage, and network configuration on a single platform with ease.
Ensure Rocky Linux is installed. Refer to the official Rocky Linux website for installation instructions if needed.
Install Nginx and start the service using the following commands:
sudo dnf updatesudo dnf install nginxsudo systemctl enable nginxsudo systemctl start nginx
If you don’t already have SSL certificates, you can obtain them using Certbot:
sudo dnf install certbot python3-certbot-nginxsudo certbot --nginx -d subdomain.yourdomain.com
Follow the prompts to enable HTTPS automatically.
Create or edit your Nginx configuration file. Here’s a configuration tailored to your needs:
upstream proxmox {server 192.168.1.200:8006; # Proxmox server IP and port}server {listen 80;server_name subdomain.yourdomain.com;return 301 https://$host$request_uri; # Redirect HTTP to HTTPS}server {listen 443 ssl;server_name subdomain.yourdomain.com;ssl_certificate /etc/letsencrypt/live/subdomain.yourdomain.com/fullchain.pem;ssl_certificate_key /etc/letsencrypt/live/subdomain.yourdomain.com/privkey.pem;ssl_session_cache shared:SSL:10m;ssl_session_timeout 10m;ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';ssl_prefer_server_ciphers on;ssl_protocols TLSv1.2 TLSv1.3;proxy_ssl_verify off;location / {proxy_http_version 1.1;proxy_set_header Upgrade $http_upgrade;proxy_set_header Connection "upgrade";proxy_set_header Host $host;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_set_header X-Forwarded-Proto $scheme;proxy_pass https://proxmox;proxy_read_timeout 360s;proxy_connect_timeout 360s;proxy_send_timeout 360s;proxy_buffering off;client_max_body_size 0;}}
Allow Nginx to make network connections for the reverse proxy:
sudo setsebool -P httpd_can_network_connect 1
Check the Nginx configuration:
sudo nginx -t
If the test is successful, restart Nginx:
sudo systemctl restart nginx
Allow HTTP and HTTPS traffic:
sudo firewall-cmd --permanent --zone=public --add-service=httpsudo firewall-cmd --permanent --zone=public --add-service=httpssudo firewall-cmd --permanent --zone=public --add-port=8006/tcpsudo firewall-cmd --reload
Access your subdomain (subdomain.yourdomain.com
) from a web browser. It should redirect to the HTTPS version and securely proxy traffic to your Proxmox server.
By following the steps outlined in this guide, you have successfully set up Nginx on Rocky Linux as a reverse proxy for Proxmox. This configuration allows you to securely manage your virtual environments through HTTPS, enhancing the security and accessibility of your Proxmox server. With Nginx handling incoming requests and performing SSL termination, you provide a robust gateway for managing your virtual machines and containers efficiently. Remember to regularly update your system and Nginx configurations to maintain security and performance. If any changes occur in your network or server architecture, adjust your Nginx configuration accordingly to ensure continuous, secure, and reliable service.
We’d love to hear your feedback on this tutorial! If you have any questions or suggestions for improvement, please don’t hesitate to reach out. You can leave a comment below, or you can contact us through the following channels:
If you found this guide beneficial, don’t hesitate to share it with your network. Until the next guide, happy coding!
Quick Links
Legal Stuff