Contents

  1. certbot
  2. Server side
    1. NGINX Reverse PROXY_PASS
      1. wiki.js
      2. nextcloud
  3. Client side
    1. raspberry MOINMOIN
    2. WIKI.JS

certbot

certbot --nginx -d moin.brightmoon.de

Server side

root@ip-172-26-3-168:/etc/frps# for i in $(ls *.ini); do cat $i; done
# frps-hpe-ssh.ini
[common]
bind_port = 301
# frps-moinmoin.ini
[common]
bind_port = 304
vhost_http_port = 604
# frps-moinmoin.ini
[common]
bind_port = 603
vhost_http_port = 80
# frps-raspberry-ssh.ini
[common]
bind_port = 302
# frps-wiki-js.ini
[common]
bind_port = 300
vhost_http_port = 3000

NGINX Reverse PROXY_PASS

wiki.js

root@ip-172-26-3-168:/usr/local/nginx/conf.d# cat wiki.conf 
server {
listen unix:/dev/shm/nginx/default.sock;
listen unix:/dev/shm/nginx/h2.sock http2;
server_name wiki.brightmoon.top;
ssl_certificate /etc/letsencrypt/live/wiki.brightmoon.top/fullchain.pem; 
ssl_certificate_key /etc/letsencrypt/live/wiki.brightmoon.top/privkey.pem;
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload" always;

location / {
         proxy_set_header X-Forwarded-For 127.0.0.1;
         proxy_set_header Host $http_host;
        proxy_set_header    X-Real-IP $remote_addr;
        proxy_pass_header   Server;
        proxy_set_header    X-Forwarded-Proto $scheme;
         proxy_redirect off; 
         proxy_pass http://127.0.0.1:3000;
         client_max_body_size 0;     
        } 
}

nextcloud

server {
listen unix:/dev/shm/nginx/default.sock;
listen unix:/dev/shm/nginx/h2.sock http2;
server_name www.brightmoon.top;
ssl_certificate /usr/local/nginx/certs/brightmoon.top.cer;
ssl_certificate_key /usr/local/nginx/certs/brightmoon.top.key;
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload" always;

location / {
         proxy_set_header X-Forwarded-For 127.0.0.1;
         proxy_set_header Host $http_host;
         proxy_redirect off; 
         proxy_pass http://127.0.0.1:80;
         client_max_body_size 0;     
        } 
location /.well-known/carddav {
     return 301 $scheme://$host/remote.php/dav;     
} 
   location /.well-known/caldav {
       return 301 $scheme://$host/remote.php/dav;     
} 
}

Client side

raspberry MOINMOIN

# frpc-moinmoin.ini
[moinmoin]
type = http
local_port = 807
custom_domains = www.brightmoon.top



[common]
server_addr = www.brightmoon.top
server_port = 304

root@raspberrypi:~# cat /usr/local/frpc/frpc-ssh.ini
# frpc-ssh.ini
[common]
server_addr = www.brightmoon.top
server_port = 302
#tls_enable = true

[ssh]
type = tcp
local_ip = 127.0.0.1
local_port = 22
remote_port = 602

WIKI.JS

root@wiki:~# grep -v ^# /usr/local/frpc/frpc-wiki.ini 
[wiki.js]
type = http
local_port = 3000
custom_domains = wiki.brightmoon.top



[common]
server_addr = www.brightmoon.top
server_port = 300

désert/Linux/frp_proxy (last edited 2026-03-01 04:56:53 by 127)