Services:Current Services: Difference between revisions
Content removed - troubleshooting guide: Current Services - Service Inventory (23 sections) |
Major update - troubleshooting guide: Current Services - Service Inventory (32 sections) |
||
| Line 1: | Line 1: | ||
This document provides a detailed inventory of all services currently configured on the reverse proxy system. | This document provides a detailed inventory of all services currently configured on the reverse proxy system. | ||
| Line 69: | Line 67: | ||
<pre class="lang-bash"> | <pre class="lang-bash"> | ||
curl -I https://wiki.jb-vpn.uk | curl -I https://wiki.jb-vpn.uk | ||
= Or access directly: https://wiki.jb-vpn.uk/index.php?title=Main_Page = | == Or access directly: https://wiki.jb-vpn.uk/index.php?title=Main_Page == | ||
</pre> | </pre> | ||
| Line 299: | Line 297: | ||
'''Management''': | '''Management''': | ||
<pre class="lang-bash"> | <pre class="lang-bash"> | ||
= List all SSH port forwards = | == List all SSH port forwards == | ||
sudo ssh-forward list | sudo ssh-forward list | ||
= Add a new device = | == Add a new device == | ||
sudo ssh-forward add <name> <external_port> <vpn_ip> [ssh_port] | sudo ssh-forward add <name> <external_port> <vpn_ip> [ssh_port] | ||
= Remove a device = | == Remove a device == | ||
sudo ssh-forward remove <name> | sudo ssh-forward remove <name> | ||
</pre> | </pre> | ||
| Line 320: | Line 318: | ||
<pre class="lang-bash"> | <pre class="lang-bash"> | ||
= Test all HTTPS services = | ==== Test all HTTPS services ==== | ||
for domain in wiki.jb-vpn.uk werbs-wiki.jb-vpn.uk dsm.jb-vpn.uk plex.jb-vpn.uk vps.jb-vpn.uk; do | for domain in wiki.jb-vpn.uk werbs-wiki.jb-vpn.uk dsm.jb-vpn.uk plex.jb-vpn.uk vps.jb-vpn.uk; do | ||
echo "Testing $domain..." | echo "Testing $domain..." | ||
| Line 351: | Line 349: | ||
=== Required for All Services === | === Required for All Services === | ||
= '''OpenVPN Tunnel''': Must be active (tun0 interface up) = | ==== '''OpenVPN Tunnel''': Must be active (tun0 interface up) ==== | ||
= '''Synology NAS''': Must be connected to VPN (10.8.0.2 reachable) = | == '''Synology NAS''': Must be connected to VPN (10.8.0.2 reachable) == | ||
= '''Nginx Service''': Must be running = | == '''Nginx Service''': Must be running == | ||
= '''DNS Records''': Must point to VPS IP (87.106.61.62) = | == '''DNS Records''': Must point to VPS IP (87.106.61.62) == | ||
=== Service-Specific Requirements === | === Service-Specific Requirements === | ||
Revision as of 13:44, 1 January 2026
This document provides a detailed inventory of all services currently configured on the reverse proxy system.
Service Summary
| Service | Subdomain | Internal Port | Protocol | Status | SSL |
| Wiki | wiki.jb-vpn.uk | 8080 | HTTP | Active | ✅ |
| Werbs-Wiki | werbs-wiki.jb-vpn.uk | 8081 | HTTP | Active | ✅ |
| Synology DSM | dsm.jb-vpn.uk | 5001 | HTTPS | Active | ✅ |
| Plex Media Server | plex.jb-vpn.uk | 32400 | HTTP | Active | ✅ |
| VPS Default | vps.jb-vpn.uk | - | - | Active | ✅ |
Service Details
1. Wiki Service
Subdomain: wiki.jb-vpn.uk
Public Access: https://wiki.jb-vpn.uk
Internal Configuration:
- Target IP:
10.8.0.2(Synology NAS via VPN)
- Target Port:
8080
- Protocol: HTTP
Nginx Configuration:
- File:
/etc/nginx/sites-available/wiki.jb-vpn.uk
- Enabled:
/etc/nginx/sites-enabled/wiki.jb-vpn.uk
SSL Certificate:
- Provider: Let's Encrypt
- Certificate Path:
/etc/letsencrypt/live/wiki.jb-vpn.uk/
- Expiry Date: 2026-02-01
- Status: Valid (89 days remaining)
Traffic Flow:
External Request → wiki.jb-vpn.uk:443 (HTTPS) → Nginx Reverse Proxy (SSL Termination) → 10.8.0.2:8080 (HTTP on Synology NAS)
Configuration Details:
- HTTP to HTTPS redirect: ✅ Enabled
- WebSocket support: ✅ Enabled
- Extended timeouts: ✅ 300 seconds
- Proxy headers: ✅ Full set configured
DNS Record: wiki.jb-vpn.uk → 87.106.61.62
Test Command:
curl -I https://wiki.jb-vpn.uk == Or access directly: https://wiki.jb-vpn.uk/index.php?title=Main_Page ==
2. Werbs-Wiki Service
Subdomain: werbs-wiki.jb-vpn.uk
Public Access: https://werbs-wiki.jb-vpn.uk
Internal Configuration:
- Target IP:
10.8.0.2(Synology NAS via VPN)
- Target Port:
8081
- Protocol: HTTP
Nginx Configuration:
- File:
/etc/nginx/sites-available/werbs-wiki.jb-vpn.uk
- Enabled:
/etc/nginx/sites-enabled/werbs-wiki.jb-vpn.uk
SSL Certificate:
- Provider: Let's Encrypt
- Certificate Path:
/etc/letsencrypt/live/werbs-wiki.jb-vpn.uk/
- Expiry Date: 2026-02-01
- Status: Valid (89 days remaining)
Traffic Flow:
External Request → werbs-wiki.jb-vpn.uk:443 (HTTPS) → Nginx Reverse Proxy (SSL Termination) → 10.8.0.2:8081 (HTTP on Synology NAS)
Configuration Details:
- HTTP to HTTPS redirect: ✅ Enabled
- WebSocket support: ✅ Enabled
- Extended timeouts: ✅ 300 seconds
- Proxy headers: ✅ Full set configured
DNS Record: werbs-wiki.jb-vpn.uk → 87.106.61.62
Test Command:
curl -I https://werbs-wiki.jb-vpn.uk
3. Synology DSM
Subdomain: dsm.jb-vpn.uk
Public Access: https://dsm.jb-vpn.uk
Internal Configuration:
- Target IP:
10.8.0.2(Synology NAS via VPN)
- Target Port:
5001
- Protocol: HTTPS
Nginx Configuration:
- File:
/etc/nginx/sites-available/dsm.jb-vpn.uk
- Enabled:
/etc/nginx/sites-enabled/dsm.jb-vpn.uk
SSL Certificate:
- Provider: Let's Encrypt
- Certificate Path:
/etc/letsencrypt/live/vps.jb-vpn.uk/(shared certificate)
- Status: Valid
Traffic Flow:
External Request → dsm.jb-vpn.uk:443 (HTTPS) → Nginx Reverse Proxy (SSL Termination) → 10.8.0.2:5001 (HTTPS on Synology NAS)
Configuration Details:
- HTTP to HTTPS redirect: ✅ Enabled
- WebSocket support: ✅ Enabled (for DSM WebSocket features)
- Internal HTTPS: ✅ Passes through to Synology HTTPS
DNS Record: dsm.jb-vpn.uk → 87.106.61.62
Test Command:
curl -I https://dsm.jb-vpn.uk
4. Plex Media Server
Subdomain: plex.jb-vpn.uk
Public Access: https://plex.jb-vpn.uk
Internal Configuration:
- Target IP:
10.8.0.2(Synology NAS via VPN)
- Target Port:
32400
- Protocol: HTTP
Nginx Configuration:
- File:
/etc/nginx/sites-available/plex.jb-vpn.uk
- Enabled:
/etc/nginx/sites-enabled/plex.jb-vpn.uk
SSL Certificate:
- Provider: Let's Encrypt
- Certificate Path:
/etc/letsencrypt/live/vps.jb-vpn.uk/(shared certificate)
- Status: Valid
Traffic Flow:
External Request → plex.jb-vpn.uk:443 (HTTPS) → Nginx Reverse Proxy (SSL Termination) → 10.8.0.2:32400 (HTTP on Synology NAS)
Configuration Details:
- HTTP to HTTPS redirect: ✅ Enabled
- Plex-specific headers: ✅ Configured
* X-Plex-Client-Identifier
* X-Plex-Device
* X-Plex-Product
* X-Plex-Version
* X-Plex-Platform
* X-Plex-Platform-Version
* X-Plex-Device-Name
* X-Plex-Provides
* X-Plex-Token
DNS Record: plex.jb-vpn.uk → 87.106.61.62
Test Command:
curl -I https://plex.jb-vpn.uk
5. VPS Default Web Directory
Subdomain: vps.jb-vpn.uk
Public Access: https://vps.jb-vpn.uk
Internal Configuration:
- Type: Static files
- Web Root:
/var/www/html
- Protocol: Direct file serving
Nginx Configuration:
- File:
/etc/nginx/sites-available/vps.jb-vpn.uk
- Enabled:
/etc/nginx/sites-enabled/vps.jb-vpn.uk
SSL Certificate:
- Provider: Let's Encrypt
- Certificate Path:
/etc/letsencrypt/live/vps.jb-vpn.uk/
- Status: Valid
Traffic Flow:
External Request → vps.jb-vpn.uk:443 (HTTPS) → Nginx (SSL Termination) → /var/www/html (Local file serving)
Configuration Details:
- HTTP to HTTPS redirect: ✅ Enabled
- Static file serving: ✅ Enabled
- Index files:
index.html,index.htm,index.nginx-debian.html
DNS Record: vps.jb-vpn.uk → 87.106.61.62
Test Command:
curl -I https://vps.jb-vpn.uk
Additional Services (Non-Web)
SSH Port Forwarding
SSH port forwarding is managed through a centralized configuration system. See [SSH Port Forwarding Management](index.md) for complete documentation.
Current Forwards:
- Synology NAS: Port
22222→10.8.0.2:22
* Access: ssh -p 22222 user@87.106.61.62
Management:
== List all SSH port forwards == sudo ssh-forward list == Add a new device == sudo ssh-forward add <name> <external_port> <vpn_ip> [ssh_port] == Remove a device == sudo ssh-forward remove <name>
Configuration File: /etc/ssh-port-forwards.conf
Note: This is a direct port forward via iptables, not handled by nginx.
Service Status Monitoring
Check All Services
==== Test all HTTPS services ====
for domain in wiki.jb-vpn.uk werbs-wiki.jb-vpn.uk dsm.jb-vpn.uk plex.jb-vpn.uk vps.jb-vpn.uk; do
echo "Testing $domain..."
curl -I -s https://$domain | head -1
done
Check SSL Certificates
certbot certificates
Check Nginx Status
systemctl status nginx
View Active Sites
ls -la /etc/nginx/sites-enabled/
Service Dependencies
Required for All Services
OpenVPN Tunnel: Must be active (tun0 interface up)
Synology NAS: Must be connected to VPN (10.8.0.2 reachable)
Nginx Service: Must be running
DNS Records: Must point to VPS IP (87.106.61.62)
Service-Specific Requirements
- Wiki/Werbs-Wiki: Services must be running on ports 8080/8081
- DSM: Synology DSM must be enabled
- Plex: Plex Media Server must be running
- VPS Default: No dependencies (local files only)
Maintenance Schedule
Daily
- Monitor nginx error logs
- Check service availability
Weekly
- Review access logs for anomalies
- Verify SSL certificate status
Monthly
- Backup nginx configurations
- Review and update documentation
- Check for service updates
Quarterly
- Verify SSL certificate auto-renewal
- Review firewall rules
- Update system packages
Service Statistics
Total Services: 5 web services + 1 SSH port forward
SSL Certificates: 3 unique certificates (some shared)
Configuration Files: 5 nginx site configurations
Internal Ports Used: 8080, 8081, 5001, 32400, 22