Jump to content

Services:Current Services: Difference between revisions

From jb-vpn.uk Wiki
Newer edit →
Added troubleshooting guide: Current Services - Service Inventory
 
Content removed - troubleshooting guide: Current Services - Service Inventory (23 sections)
Line 28: Line 28:


'''Internal Configuration''':
'''Internal Configuration''':
'' '''Target IP''': <code>10.8.0.2</code> (Synology NAS via VPN)
* '''Target IP''': <code>10.8.0.2</code> (Synology NAS via VPN)
'' '''Target Port''': <code>8080</code>
 
'' '''Protocol''': HTTP
* '''Target Port''': <code>8080</code>
 
* '''Protocol''': HTTP


'''Nginx Configuration''':
'''Nginx Configuration''':
'' '''File''': <code>/etc/nginx/sites-available/wiki.jb-vpn.uk</code>
* '''File''': <code>/etc/nginx/sites-available/wiki.jb-vpn.uk</code>
'' '''Enabled''': <code>/etc/nginx/sites-enabled/wiki.jb-vpn.uk</code>
 
* '''Enabled''': <code>/etc/nginx/sites-enabled/wiki.jb-vpn.uk</code>


'''SSL Certificate''':
'''SSL Certificate''':
'' '''Provider''': Let's Encrypt
* '''Provider''': Let's Encrypt
'' '''Certificate Path''': <code>/etc/letsencrypt/live/wiki.jb-vpn.uk/</code>
 
'' '''Expiry Date''': 2026-02-01
* '''Certificate Path''': <code>/etc/letsencrypt/live/wiki.jb-vpn.uk/</code>
'' '''Status''': Valid (89 days remaining)
 
* '''Expiry Date''': 2026-02-01
 
* '''Status''': Valid (89 days remaining)


'''Traffic Flow''':
'''Traffic Flow''':
Line 50: Line 56:


'''Configuration Details''':
'''Configuration Details''':
'' HTTP to HTTPS redirect: ✅ Enabled
* HTTP to HTTPS redirect: ✅ Enabled
'' WebSocket support: ✅ Enabled
 
'' Extended timeouts: ✅ 300 seconds
* WebSocket support: ✅ Enabled
'' Proxy headers: ✅ Full set configured
 
* Extended timeouts: ✅ 300 seconds
 
* Proxy headers: ✅ Full set configured


'''DNS Record''': <code>wiki.jb-vpn.uk</code> → <code>87.106.61.62</code>
'''DNS Record''': <code>wiki.jb-vpn.uk</code> → <code>87.106.61.62</code>
Line 72: Line 81:


'''Internal Configuration''':
'''Internal Configuration''':
'' '''Target IP''': <code>10.8.0.2</code> (Synology NAS via VPN)
* '''Target IP''': <code>10.8.0.2</code> (Synology NAS via VPN)
'' '''Target Port''': <code>8081</code>
 
'' '''Protocol''': HTTP
* '''Target Port''': <code>8081</code>
 
* '''Protocol''': HTTP


'''Nginx Configuration''':
'''Nginx Configuration''':
'' '''File''': <code>/etc/nginx/sites-available/werbs-wiki.jb-vpn.uk</code>
* '''File''': <code>/etc/nginx/sites-available/werbs-wiki.jb-vpn.uk</code>
'' '''Enabled''': <code>/etc/nginx/sites-enabled/werbs-wiki.jb-vpn.uk</code>
 
* '''Enabled''': <code>/etc/nginx/sites-enabled/werbs-wiki.jb-vpn.uk</code>


'''SSL Certificate''':
'''SSL Certificate''':
'' '''Provider''': Let's Encrypt
* '''Provider''': Let's Encrypt
'' '''Certificate Path''': <code>/etc/letsencrypt/live/werbs-wiki.jb-vpn.uk/</code>
 
'' '''Expiry Date''': 2026-02-01
* '''Certificate Path''': <code>/etc/letsencrypt/live/werbs-wiki.jb-vpn.uk/</code>
'' '''Status''': Valid (89 days remaining)
 
* '''Expiry Date''': 2026-02-01
 
* '''Status''': Valid (89 days remaining)


'''Traffic Flow''':
'''Traffic Flow''':
Line 94: Line 109:


'''Configuration Details''':
'''Configuration Details''':
'' HTTP to HTTPS redirect: ✅ Enabled
* HTTP to HTTPS redirect: ✅ Enabled
'' WebSocket support: ✅ Enabled
 
'' Extended timeouts: ✅ 300 seconds
* WebSocket support: ✅ Enabled
'' Proxy headers: ✅ Full set configured
 
* Extended timeouts: ✅ 300 seconds
 
* Proxy headers: ✅ Full set configured


'''DNS Record''': <code>werbs-wiki.jb-vpn.uk</code> → <code>87.106.61.62</code>
'''DNS Record''': <code>werbs-wiki.jb-vpn.uk</code> → <code>87.106.61.62</code>
Line 115: Line 133:


'''Internal Configuration''':
'''Internal Configuration''':
'' '''Target IP''': <code>10.8.0.2</code> (Synology NAS via VPN)
* '''Target IP''': <code>10.8.0.2</code> (Synology NAS via VPN)
'' '''Target Port''': <code>5001</code>
 
'' '''Protocol''': HTTPS
* '''Target Port''': <code>5001</code>
 
* '''Protocol''': HTTPS


'''Nginx Configuration''':
'''Nginx Configuration''':
'' '''File''': <code>/etc/nginx/sites-available/dsm.jb-vpn.uk</code>
* '''File''': <code>/etc/nginx/sites-available/dsm.jb-vpn.uk</code>
'' '''Enabled''': <code>/etc/nginx/sites-enabled/dsm.jb-vpn.uk</code>
 
* '''Enabled''': <code>/etc/nginx/sites-enabled/dsm.jb-vpn.uk</code>


'''SSL Certificate''':
'''SSL Certificate''':
'' '''Provider''': Let's Encrypt
* '''Provider''': Let's Encrypt
'' '''Certificate Path''': <code>/etc/letsencrypt/live/vps.jb-vpn.uk/</code> (shared certificate)
 
'' '''Status''': Valid
* '''Certificate Path''': <code>/etc/letsencrypt/live/vps.jb-vpn.uk/</code> (shared certificate)
 
* '''Status''': Valid


'''Traffic Flow''':
'''Traffic Flow''':
Line 136: Line 159:


'''Configuration Details''':
'''Configuration Details''':
'' HTTP to HTTPS redirect: ✅ Enabled
* HTTP to HTTPS redirect: ✅ Enabled
'' WebSocket support: ✅ Enabled (for DSM WebSocket features)
 
'' Internal HTTPS: ✅ Passes through to Synology HTTPS
* WebSocket support: ✅ Enabled (for DSM WebSocket features)
 
* Internal HTTPS: ✅ Passes through to Synology HTTPS


'''DNS Record''': <code>dsm.jb-vpn.uk</code> → <code>87.106.61.62</code>
'''DNS Record''': <code>dsm.jb-vpn.uk</code> → <code>87.106.61.62</code>
Line 156: Line 181:


'''Internal Configuration''':
'''Internal Configuration''':
'' '''Target IP''': <code>10.8.0.2</code> (Synology NAS via VPN)
* '''Target IP''': <code>10.8.0.2</code> (Synology NAS via VPN)
'' '''Target Port''': <code>32400</code>
 
'' '''Protocol''': HTTP
* '''Target Port''': <code>32400</code>
 
* '''Protocol''': HTTP


'''Nginx Configuration''':
'''Nginx Configuration''':
'' '''File''': <code>/etc/nginx/sites-available/plex.jb-vpn.uk</code>
* '''File''': <code>/etc/nginx/sites-available/plex.jb-vpn.uk</code>
'' '''Enabled''': <code>/etc/nginx/sites-enabled/plex.jb-vpn.uk</code>
 
* '''Enabled''': <code>/etc/nginx/sites-enabled/plex.jb-vpn.uk</code>


'''SSL Certificate''':
'''SSL Certificate''':
'' '''Provider''': Let's Encrypt
* '''Provider''': Let's Encrypt
'' '''Certificate Path''': <code>/etc/letsencrypt/live/vps.jb-vpn.uk/</code> (shared certificate)
 
'' '''Status''': Valid
* '''Certificate Path''': <code>/etc/letsencrypt/live/vps.jb-vpn.uk/</code> (shared certificate)
 
* '''Status''': Valid


'''Traffic Flow''':
'''Traffic Flow''':
Line 177: Line 207:


'''Configuration Details''':
'''Configuration Details''':
'' HTTP to HTTPS redirect: ✅ Enabled
* HTTP to HTTPS redirect: ✅ Enabled
'' Plex-specific headers: ✅ Configured
 
   '' X-Plex-Client-Identifier
* Plex-specific headers: ✅ Configured
   '' X-Plex-Device
 
   '' X-Plex-Product
   * X-Plex-Client-Identifier
   '' X-Plex-Version
 
   '' X-Plex-Platform
   * X-Plex-Device
   '' X-Plex-Platform-Version
 
   '' X-Plex-Device-Name
   * X-Plex-Product
   '' X-Plex-Provides
 
   '' X-Plex-Token
   * X-Plex-Version
 
   * X-Plex-Platform
 
   * X-Plex-Platform-Version
 
   * X-Plex-Device-Name
 
   * X-Plex-Provides
 
   * X-Plex-Token


'''DNS Record''': <code>plex.jb-vpn.uk</code> → <code>87.106.61.62</code>
'''DNS Record''': <code>plex.jb-vpn.uk</code> → <code>87.106.61.62</code>
Line 205: Line 245:


'''Internal Configuration''':
'''Internal Configuration''':
'' '''Type''': Static files
* '''Type''': Static files
'' '''Web Root''': <code>/var/www/html</code>
 
'' '''Protocol''': Direct file serving
* '''Web Root''': <code>/var/www/html</code>
 
* '''Protocol''': Direct file serving


'''Nginx Configuration''':
'''Nginx Configuration''':
'' '''File''': <code>/etc/nginx/sites-available/vps.jb-vpn.uk</code>
* '''File''': <code>/etc/nginx/sites-available/vps.jb-vpn.uk</code>
'' '''Enabled''': <code>/etc/nginx/sites-enabled/vps.jb-vpn.uk</code>
 
* '''Enabled''': <code>/etc/nginx/sites-enabled/vps.jb-vpn.uk</code>


'''SSL Certificate''':
'''SSL Certificate''':
'' '''Provider''': Let's Encrypt
* '''Provider''': Let's Encrypt
'' '''Certificate Path''': <code>/etc/letsencrypt/live/vps.jb-vpn.uk/</code>
 
'' '''Status''': Valid
* '''Certificate Path''': <code>/etc/letsencrypt/live/vps.jb-vpn.uk/</code>
 
* '''Status''': Valid


'''Traffic Flow''':
'''Traffic Flow''':
Line 226: Line 271:


'''Configuration Details''':
'''Configuration Details''':
'' HTTP to HTTPS redirect: ✅ Enabled
* HTTP to HTTPS redirect: ✅ Enabled
'' Static file serving: ✅ Enabled
 
'' Index files: <code>index.html</code>, <code>index.htm</code>, <code>index.nginx-debian.html</code>
* Static file serving: ✅ Enabled
 
* Index files: <code>index.html</code>, <code>index.htm</code>, <code>index.nginx-debian.html</code>


'''DNS Record''': <code>vps.jb-vpn.uk</code> → <code>87.106.61.62</code>
'''DNS Record''': <code>vps.jb-vpn.uk</code> → <code>87.106.61.62</code>
Line 246: Line 293:


'''Current Forwards''':
'''Current Forwards''':
'' '''Synology NAS''': Port <code>22222</code> → <code>10.8.0.2:22</code>
* '''Synology NAS''': Port <code>22222</code> → <code>10.8.0.2:22</code>
   '' Access: <code>ssh -p 22222 user@87.106.61.62</code>
 
   * Access: <code>ssh -p 22222 user@87.106.61.62</code>


'''Management''':
'''Management''':
Line 310: Line 358:
=== Service-Specific Requirements ===
=== Service-Specific Requirements ===


'' '''Wiki/Werbs-Wiki''': Services must be running on ports 8080/8081
* '''Wiki/Werbs-Wiki''': Services must be running on ports 8080/8081
'' '''DSM''': Synology DSM must be enabled
 
'' '''Plex''': Plex Media Server must be running
* '''DSM''': Synology DSM must be enabled
'' '''VPS Default''': No dependencies (local files only)
 
* '''Plex''': Plex Media Server must be running
 
* '''VPS Default''': No dependencies (local files only)


----
----
Line 320: Line 371:


=== Daily ===
=== Daily ===
'' Monitor nginx error logs
* Monitor nginx error logs
'' Check service availability
 
* Check service availability


=== Weekly ===
=== Weekly ===
'' Review access logs for anomalies
* Review access logs for anomalies
'' Verify SSL certificate status
 
* Verify SSL certificate status


=== Monthly ===
=== Monthly ===
'' Backup nginx configurations
* Backup nginx configurations
'' Review and update documentation
 
'' Check for service updates
* Review and update documentation
 
* Check for service updates


=== Quarterly ===
=== Quarterly ===
'' Verify SSL certificate auto-renewal
* Verify SSL certificate auto-renewal
'' Review firewall rules
 
* Review firewall rules
 
* Update system packages
* Update system packages


Revision as of 13:28, 1 January 2026

Current Services - Service Inventory

This document provides a detailed inventory of all services currently configured on the reverse proxy system.

Service Summary

Service Subdomain Internal Port Protocol Status SSL
Wiki wiki.jb-vpn.uk 8080 HTTP Active
Werbs-Wiki werbs-wiki.jb-vpn.uk 8081 HTTP Active
Synology DSM dsm.jb-vpn.uk 5001 HTTPS Active
Plex Media Server plex.jb-vpn.uk 32400 HTTP Active
VPS Default vps.jb-vpn.uk - - Active

Service Details

1. Wiki Service

Subdomain: wiki.jb-vpn.uk

Public Access: https://wiki.jb-vpn.uk

Internal Configuration:

  • Target IP: 10.8.0.2 (Synology NAS via VPN)
  • Target Port: 8080
  • Protocol: HTTP

Nginx Configuration:

  • File: /etc/nginx/sites-available/wiki.jb-vpn.uk
  • Enabled: /etc/nginx/sites-enabled/wiki.jb-vpn.uk

SSL Certificate:

  • Provider: Let's Encrypt
  • Certificate Path: /etc/letsencrypt/live/wiki.jb-vpn.uk/
  • Expiry Date: 2026-02-01
  • Status: Valid (89 days remaining)

Traffic Flow: 

External Request → wiki.jb-vpn.uk:443 (HTTPS) 
  → Nginx Reverse Proxy (SSL Termination)
  → 10.8.0.2:8080 (HTTP on Synology NAS)

Configuration Details:

  • HTTP to HTTPS redirect: ✅ Enabled
  • WebSocket support: ✅ Enabled
  • Extended timeouts: ✅ 300 seconds
  • Proxy headers: ✅ Full set configured

DNS Record: wiki.jb-vpn.uk87.106.61.62

Test Command: 

curl -I https://wiki.jb-vpn.uk
= Or access directly: https://wiki.jb-vpn.uk/index.php?title=Main_Page =

2. Werbs-Wiki Service

Subdomain: werbs-wiki.jb-vpn.uk

Public Access: https://werbs-wiki.jb-vpn.uk

Internal Configuration:

  • Target IP: 10.8.0.2 (Synology NAS via VPN)
  • Target Port: 8081
  • Protocol: HTTP

Nginx Configuration:

  • File: /etc/nginx/sites-available/werbs-wiki.jb-vpn.uk
  • Enabled: /etc/nginx/sites-enabled/werbs-wiki.jb-vpn.uk

SSL Certificate:

  • Provider: Let's Encrypt
  • Certificate Path: /etc/letsencrypt/live/werbs-wiki.jb-vpn.uk/
  • Expiry Date: 2026-02-01
  • Status: Valid (89 days remaining)

Traffic Flow: 

External Request → werbs-wiki.jb-vpn.uk:443 (HTTPS) 
  → Nginx Reverse Proxy (SSL Termination)
  → 10.8.0.2:8081 (HTTP on Synology NAS)

Configuration Details:

  • HTTP to HTTPS redirect: ✅ Enabled
  • WebSocket support: ✅ Enabled
  • Extended timeouts: ✅ 300 seconds
  • Proxy headers: ✅ Full set configured

DNS Record: werbs-wiki.jb-vpn.uk87.106.61.62

Test Command: 

curl -I https://werbs-wiki.jb-vpn.uk

3. Synology DSM

Subdomain: dsm.jb-vpn.uk

Public Access: https://dsm.jb-vpn.uk

Internal Configuration:

  • Target IP: 10.8.0.2 (Synology NAS via VPN)
  • Target Port: 5001
  • Protocol: HTTPS

Nginx Configuration:

  • File: /etc/nginx/sites-available/dsm.jb-vpn.uk
  • Enabled: /etc/nginx/sites-enabled/dsm.jb-vpn.uk

SSL Certificate:

  • Provider: Let's Encrypt
  • Certificate Path: /etc/letsencrypt/live/vps.jb-vpn.uk/ (shared certificate)
  • Status: Valid

Traffic Flow: 

External Request → dsm.jb-vpn.uk:443 (HTTPS) 
  → Nginx Reverse Proxy (SSL Termination)
  → 10.8.0.2:5001 (HTTPS on Synology NAS)

Configuration Details:

  • HTTP to HTTPS redirect: ✅ Enabled
  • WebSocket support: ✅ Enabled (for DSM WebSocket features)
  • Internal HTTPS: ✅ Passes through to Synology HTTPS

DNS Record: dsm.jb-vpn.uk87.106.61.62

Test Command: 

curl -I https://dsm.jb-vpn.uk

4. Plex Media Server

Subdomain: plex.jb-vpn.uk

Public Access: https://plex.jb-vpn.uk

Internal Configuration:

  • Target IP: 10.8.0.2 (Synology NAS via VPN)
  • Target Port: 32400
  • Protocol: HTTP

Nginx Configuration:

  • File: /etc/nginx/sites-available/plex.jb-vpn.uk
  • Enabled: /etc/nginx/sites-enabled/plex.jb-vpn.uk

SSL Certificate:

  • Provider: Let's Encrypt
  • Certificate Path: /etc/letsencrypt/live/vps.jb-vpn.uk/ (shared certificate)
  • Status: Valid

Traffic Flow: 

External Request → plex.jb-vpn.uk:443 (HTTPS) 
  → Nginx Reverse Proxy (SSL Termination)
  → 10.8.0.2:32400 (HTTP on Synology NAS)

Configuration Details:

  • HTTP to HTTPS redirect: ✅ Enabled
  • Plex-specific headers: ✅ Configured
 * X-Plex-Client-Identifier

 * X-Plex-Device

 * X-Plex-Product

 * X-Plex-Version

 * X-Plex-Platform

 * X-Plex-Platform-Version

 * X-Plex-Device-Name

 * X-Plex-Provides

 * X-Plex-Token

DNS Record: plex.jb-vpn.uk87.106.61.62

Test Command: 

curl -I https://plex.jb-vpn.uk

5. VPS Default Web Directory

Subdomain: vps.jb-vpn.uk

Public Access: https://vps.jb-vpn.uk

Internal Configuration:

  • Type: Static files
  • Web Root: /var/www/html
  • Protocol: Direct file serving

Nginx Configuration:

  • File: /etc/nginx/sites-available/vps.jb-vpn.uk
  • Enabled: /etc/nginx/sites-enabled/vps.jb-vpn.uk

SSL Certificate:

  • Provider: Let's Encrypt
  • Certificate Path: /etc/letsencrypt/live/vps.jb-vpn.uk/
  • Status: Valid

Traffic Flow: 

External Request → vps.jb-vpn.uk:443 (HTTPS) 
  → Nginx (SSL Termination)
  → /var/www/html (Local file serving)

Configuration Details:

  • HTTP to HTTPS redirect: ✅ Enabled
  • Static file serving: ✅ Enabled
  • Index files: index.html, index.htm, index.nginx-debian.html

DNS Record: vps.jb-vpn.uk87.106.61.62

Test Command: 

curl -I https://vps.jb-vpn.uk

Additional Services (Non-Web)

SSH Port Forwarding

SSH port forwarding is managed through a centralized configuration system. See [SSH Port Forwarding Management](index.md) for complete documentation.

Current Forwards:

  • Synology NAS: Port 2222210.8.0.2:22
 * Access: ssh -p 22222 user@87.106.61.62

Management: 

= List all SSH port forwards =
sudo ssh-forward list

= Add a new device =
sudo ssh-forward add <name> <external_port> <vpn_ip> [ssh_port]

= Remove a device =
sudo ssh-forward remove <name>

Configuration File: /etc/ssh-port-forwards.conf

Note: This is a direct port forward via iptables, not handled by nginx.

Service Status Monitoring

Check All Services

= Test all HTTPS services =
for domain in wiki.jb-vpn.uk werbs-wiki.jb-vpn.uk dsm.jb-vpn.uk plex.jb-vpn.uk vps.jb-vpn.uk; do
    echo "Testing $domain..."
    curl -I -s https://$domain | head -1
done

Check SSL Certificates

certbot certificates

Check Nginx Status

systemctl status nginx

View Active Sites

ls -la /etc/nginx/sites-enabled/

Service Dependencies

Required for All Services

OpenVPN Tunnel: Must be active (tun0 interface up)

Synology NAS: Must be connected to VPN (10.8.0.2 reachable)

Nginx Service: Must be running

DNS Records: Must point to VPS IP (87.106.61.62)

Service-Specific Requirements

  • Wiki/Werbs-Wiki: Services must be running on ports 8080/8081
  • DSM: Synology DSM must be enabled
  • Plex: Plex Media Server must be running
  • VPS Default: No dependencies (local files only)

Maintenance Schedule

Daily

  • Monitor nginx error logs
  • Check service availability

Weekly

  • Review access logs for anomalies
  • Verify SSL certificate status

Monthly

  • Backup nginx configurations
  • Review and update documentation
  • Check for service updates

Quarterly

  • Verify SSL certificate auto-renewal
  • Review firewall rules
  • Update system packages

Service Statistics

Total Services: 5 web services + 1 SSH port forward

SSL Certificates: 3 unique certificates (some shared)

Configuration Files: 5 nginx site configurations

Internal Ports Used: 8080, 8081, 5001, 32400, 22

Retrieved from "https://wiki.jb-vpn.uk/index.php?title=Services:Current_Services&oldid=198"