UISP - Reverse Proxy
Overview
This article guides the reader through installing UISP behind a proxy server. It covers two major proxy servers: Nginx and Apache.
Introduction
Often times your network infrastructure can be set so that you need to run your UISP server behind a proxy. In that case, it is necessary to set up the proxy correctly and install UISP with a specific set of parameters. In this article, we will cover the two most common proxy servers Nginx and Apache.
UISP Installation Parameters
NOTE: Please note that basic installation of UISP includes a pre-configured Nginx.
curl -fsSL https://uisp.ui.com/v1/install > /tmp/uisp_inst.sh && sudo bash /tmp/uisp_inst.sh - --public-https-port 443 --http-port 8080 --https-port 8443
Nginx config
NOTE: This configuration example works if UISP runs on the same console (server). If you have UISP on a different one please replace all instances of 'localhost' with IP address of that server.
change server_name
, ssl_certificate
, ssl_certificate_key
and proxy_pass
to match your environment
map $http_upgrade $connection_upgrade { default upgrade; '' close; } server { listen 80; server_name uisp.example.com; client_max_body_size 4G; location / { proxy_redirect off; proxy_set_header Host $host; proxy_pass http://127.0.0.1:8080/; } } server { listen 443 ssl http2; server_name uisp.example.com; ssl_certificate /etc/letsencrypt/live/uisp.example.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/uisp.example.com/privkey.pem; ssl on; set $upstream 127.0.0.1:8443; location / { proxy_pass https://$upstream; proxy_redirect https://$upstream https://$server_name; proxy_cache off; proxy_store off; proxy_buffering off; proxy_http_version 1.1; proxy_read_timeout 36000s; proxy_set_header Host $http_host; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Referer ""; client_max_body_size 0; } }
Apache config
change ServerName
, SSLCertificateFile
and SSLCertificateKeyFile
to match your environment
ProxyPreserveHost On ProxyPass / http://127.0.0.1:8080/ ProxyPassReverse / http://127.0.0.1:8080/ ProxyRequests Off ProxyPreserveHost On ServerName uisp.example.com SSLEngine on SSLCertificateFile /etc/letsencrypt/live/uisp.example.com/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/uisp.example.com/privkey.pem SSLProxyEngine On SSLProxyVerify none SSLProxyCheckPeerCN off SSLProxyCheckPeerExpire off SSLProxyCheckPeerName off RewriteEngine on RewriteCond %{HTTP:Connection} Upgrade [NC] RewriteCond %{HTTP:Upgrade} websocket [NC] RewriteRule /(.*) wss://127.0.0.1:8443/$1 [P,L] ProxyPass / https://127.0.0.1:8443/ ProxyPassReverse / https://127.0.0.1:8443/