On Tue, Jul 05, 2022 at 12:53:05PM +0000, Daniel Armando Rodriguez via nginx wrote:
> El 2022-07-02 08:24, Francis Daly escribió:
> > On Fri, Jun 24, 2022 at 04:23:54PM -0300, Daniel Armando Rodriguez
> > wrote:
Hi there,
> > > Made this representation to illustrate the situation.
> > > https://i.postimg.cc/Zq1Ndyws/scheme.png
> What I need to do is allowing traefik "black" box to negotiate SSL
> certificate directly with Let's Encrypt, that was intended to be referred as
> stream.
I think you are saying that you want nginx to be a "plain" tcp-forwarder
in this case.
(I'm not certain *why* that matters here, but that's ok; I don't need
to understand it ;-) .)
Does http://nginx.org/en/docs/stream/ngx_stream_proxy_module.html work
for you?
Something like
==
stream {
server {
listen nginx-ip:443;
proxy_pass traefik-ip:443;
}
}
==
(If you have a stream listener on an IP:port, you cannot also have a
http listener on that same IP:port.)
Your picture also shows some blue lines on the left-hand
side, so it may be that you also want something like
http://nginx.org/en/docs/stream/ngx_stream_ssl_preread_module.html,
to choose which "upstream" to proxy_pass to, depending on the server
name presented in the SSL connection to nginx.
Cheers,
f
--
Francis Daly francis@daoine.org
_______________________________________________
nginx mailing list -- nginx@nginx.org
To unsubscribe send an email to nginx-leave@nginx.org