Jump to content

Services:Best Practices: Difference between revisions

From jb-vpn.uk Wiki
Newer edit →
Added troubleshooting guide: Best Practices for Adding Services
 
Minor update - troubleshooting guide: Best Practices for Adding Services (4 sections)
Line 17: Line 17:
Use this checklist when adding a new service:
Use this checklist when adding a new service:


'' [ ] DNS A record created and propagated
* [ ] DNS A record created and propagated
'' [ ] Service running on Synology NAS
 
'' [ ] Service accessible from VPN network
* [ ] Service running on Synology NAS
'' [ ] Nginx configuration file created
 
'' [ ] Site enabled (symlink created)
* [ ] Service accessible from VPN network
'' [ ] Nginx configuration tested (<code>nginx -t</code>)
 
'' [ ] Nginx reloaded
* [ ] Nginx configuration file created
'' [ ] HTTP access verified
 
'' [ ] SSL certificate obtained
* [ ] Site enabled (symlink created)
'' [ ] HTTPS access verified
 
'' [ ] Browser testing completed
* [ ] Nginx configuration tested (<code>nginx -t</code>)
'' [ ] Service documented in [Current Services](current-services.md)
 
* [ ] Nginx reloaded
 
* [ ] HTTP access verified
 
* [ ] SSL certificate obtained
 
* [ ] HTTPS access verified
 
* [ ] Browser testing completed
 
* [ ] Service documented in [Current Services](current-services.md)


== Security Considerations ==
== Security Considerations ==


'' Always use HTTPS for public-facing services
* Always use HTTPS for public-facing services
'' Keep SSL certificates up to date (automatic renewal via Certbot)
 
'' Use strong authentication for services that require it
* Keep SSL certificates up to date (automatic renewal via Certbot)
'' Monitor access logs for unusual activity
 
* Use strong authentication for services that require it
 
* Monitor access logs for unusual activity


== Related Documentation ==
== Related Documentation ==


'' [Step-by-Step Process](step-by-step.md) - Setup process
* [Step-by-Step Process](step-by-step.md) - Setup process
'' [[Documentation:Index|Troubleshooting]] - Common issues
 
* [[Documentation:Index|Troubleshooting]] - Common issues


[[Category:Documentation]]
[[Category:Documentation]]
[[Category:Documentation/Services]]
[[Category:Documentation/Services]]
[[Category:Documentation/Services/Adding Services]]
[[Category:Documentation/Services/Adding Services]]

Revision as of 13:28, 1 January 2026

Best Practices for Adding Services

This document outlines best practices when adding new services to the reverse proxy system.

General Best Practices

Always test configuration before reloading nginx

Use descriptive subdomain names that indicate the service

Document your services in [Current Services](current-services.md)

Backup configurations before making changes

Monitor logs after adding new services

Use HTTPS for all public-facing services

Test thoroughly before marking service as complete

Checklist

Use this checklist when adding a new service:

  • [ ] DNS A record created and propagated
  • [ ] Service running on Synology NAS
  • [ ] Service accessible from VPN network
  • [ ] Nginx configuration file created
  • [ ] Site enabled (symlink created)
  • [ ] Nginx configuration tested (nginx -t)
  • [ ] Nginx reloaded
  • [ ] HTTP access verified
  • [ ] SSL certificate obtained
  • [ ] HTTPS access verified
  • [ ] Browser testing completed
  • [ ] Service documented in [Current Services](current-services.md)

Security Considerations

  • Always use HTTPS for public-facing services
  • Keep SSL certificates up to date (automatic renewal via Certbot)
  • Use strong authentication for services that require it
  • Monitor access logs for unusual activity
  • [Step-by-Step Process](step-by-step.md) - Setup process
Retrieved from "https://wiki.jb-vpn.uk/index.php?title=Services:Best_Practices&oldid=200"