Hi all, I have managed to setup nginx as reverse proxy for most of my home server web apps with a lets encrypt ssl. So far, I managed to get the forwarding working for Nextcloud, Plex, Emby and Rutorrent which are some of the web apps that I use.
My main nginx conf file is as below:
server {
listen 443 ssl;
server_name abc.com;
include ssl_common.conf;
include proxy_setup.conf;
include mime.types;
default_type application/octet-stream;

#access_log logs/host.access.log main;

location / {
root /usr/local/www/nginx;
index index.html index.htm;
}

For all the forwarding I use a proxy.conf file, under which I have defined my forwarding rules. Example for Nextcloud:

location /nextcloud {
proxy_pass http://192.168.x.x/nextcloud;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}

The above works well for the web apps that I mentioned most probably because the web root corresponds and matches to the location /path that I defined. The issue I'm facing is for most of my hardware based devices such as a BuffaloNAS and a CCTV DVR. For the buffalo nas, the LAN url is http://192.168.x.x/static/index.html
If I set location /static it does not work and i get error 404 of nignx. My cctv on the other hand is a direct url http://192.168.x.x with no forward slash path which makes me nuts in figuring how do I define the /location.
Someone having any idea here please please help. Thank you.

Hi,

i just had a similar issue forwarding requests to my NAS from QNAP. Therefore i decided to define a second server-section like the following:

server {
listen 443;
server_name nas.DOMAIN.COM;

ssl_certificate SSLCERT;
ssl_certificate_key PRIVKEY;
ssl_dhparam /dhparams.pem;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:HIGH:!RC4:!aNULL:!eNULL:!L$

ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
add_header X-Frame-Options DENY;
add_header Cache-control: no-store;
add_header X-XSS-Protection "1; mode=block";


client_max_body_size 2m;


location / {
proxy_set_header HOST $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-NginX-Proxy true;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
proxy_pass https://INTERNAL_IP:PORT;
proxy_redirect off;
proxy_buffering off;
}


For me this solution is working perfectly.
I hope this help's.

Best Regards,
Daniel