Jump to content

Services:Step By Step: Difference between revisions

From jb-vpn.uk Wiki
Newer edit →
Added troubleshooting guide: Step-by-Step Process for Adding Services
 
Content added - troubleshooting guide: Step-by-Step Process for Adding Services (10 sections)
Line 38: Line 38:


'''Replace''':
'''Replace''':
'' <code>newservice.jb-vpn.uk</code> with your subdomain
* <code>newservice.jb-vpn.uk</code> with your subdomain
'' <code>PORT_NUMBER</code> with your service's port
 
* <code>PORT_NUMBER</code> with your service's port


'''For HTTPS Internal Services''':
'''For HTTPS Internal Services''':
Line 75: Line 76:


'''If there are errors''': Fix them before proceeding. Common issues:
'''If there are errors''': Fix them before proceeding. Common issues:
'' Syntax errors (missing semicolons, brackets)
* Syntax errors (missing semicolons, brackets)
'' Duplicate server names
 
'' Invalid port numbers
* Duplicate server names
 
* Invalid port numbers


== Step 4: Reload Nginx ==
== Step 4: Reload Nginx ==
Line 96: Line 99:


You should receive an HTTP response. If you get a connection error:
You should receive an HTTP response. If you get a connection error:
'' Check DNS: <code>nslookup newservice.jb-vpn.uk</code>
* Check DNS: <code>nslookup newservice.jb-vpn.uk</code>
'' Verify service is running: <code>curl http://10.8.0.2:PORT_NUMBER</code>
 
'' Check nginx logs: <code>tail -f /var/log/nginx/error.log</code>
* Verify service is running: <code>curl http://10.8.0.2:PORT_NUMBER</code>
 
* Check nginx logs: <code>tail -f /var/log/nginx/error.log</code>


== Step 6: Set Up SSL Certificate ==
== Step 6: Set Up SSL Certificate ==
Line 109: Line 114:


'''What this does''':
'''What this does''':
'' Requests SSL certificate from Let's Encrypt
* Requests SSL certificate from Let's Encrypt
'' Configures nginx for HTTPS
 
'' Sets up HTTP to HTTPS redirect
* Configures nginx for HTTPS
'' Configures automatic renewal
 
* Sets up HTTP to HTTPS redirect
 
* Configures automatic renewal


'''If Certbot fails''':
'''If Certbot fails''':
'' Verify DNS is pointing to VPS: <code>nslookup newservice.jb-vpn.uk</code>
* Verify DNS is pointing to VPS: <code>nslookup newservice.jb-vpn.uk</code>
'' Ensure port 80 is open and accessible
 
'' Check firewall rules: <code>sudo iptables -L -n -v</code>
* Ensure port 80 is open and accessible
 
* Check firewall rules: <code>sudo iptables -L -n -v</code>


== Step 7: Verify HTTPS Access ==
== Step 7: Verify HTTPS Access ==
Line 137: Line 147:


Verify:
Verify:
'' SSL certificate is valid (green lock icon)
* SSL certificate is valid (green lock icon)
'' Service loads correctly
 
'' All functionality works as expected
* Service loads correctly
 
* All functionality works as expected


== Removing a Service ==
== Removing a Service ==
Line 173: Line 185:
== Related Documentation ==
== Related Documentation ==


'' [[Documentation:Prerequisites](Prerequisites|- Requirements before starting
* [[Documentation:Prerequisites](Prerequisites|- Requirements before starting
'' [Configuration Options]])(configuration-options.md) - Advanced configuration
 
'' [Service Examples](service-examples.md) - Service-specific examples
* [Configuration Options]])(configuration-options.md) - Advanced configuration
'' [[Documentation:Index|Troubleshooting]] - Common issues
 
* [Service Examples](service-examples.md) - Service-specific examples
 
* [[Documentation:Index|Troubleshooting]] - Common issues


[[Category:Documentation]]
[[Category:Documentation]]
[[Category:Documentation/Services]]
[[Category:Documentation/Services]]
[[Category:Documentation/Services/Adding Services]]
[[Category:Documentation/Services/Adding Services]]

Revision as of 13:28, 1 January 2026

Step-by-Step Process for Adding Services

Follow these steps to add a new service to the reverse proxy system.

Step 1: Create Nginx Configuration File

Create a new configuration file in /etc/nginx/sites-available/: 

sudo nano /etc/nginx/sites-available/newservice.jb-vpn.uk

Basic HTTP Configuration Template: 

server {
    server_name newservice.jb-vpn.uk;

    location / {
        # Reverse Proxy to Synology's internal VPN IP and service port
        proxy_pass http://10.8.0.2:PORT_NUMBER;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        # Necessary for Synology Reverse Proxy compatibility
        proxy_set_header Upgrade $http_upgrade; 
        proxy_set_header Connection "upgrade";
        # Timeouts for long-running requests
        proxy_read_timeout 300s;
        proxy_connect_timeout 75s;
    }

    listen 80;

}

Replace:

  • newservice.jb-vpn.uk with your subdomain
  • PORT_NUMBER with your service's port

For HTTPS Internal Services:

If your internal service uses HTTPS, change the proxy_pass line: 

proxy_pass https://10.8.0.2:PORT_NUMBER;

For Services Requiring Special Headers:

Some services (like Plex) require additional headers. See [Service Examples](service-examples.md) for reference.

Step 2: Enable the Site

Create a symlink to enable the site: 

sudo ln -s /etc/nginx/sites-available/newservice.jb-vpn.uk /etc/nginx/sites-enabled/newservice.jb-vpn.uk

Step 3: Test Nginx Configuration

Always test the configuration before reloading: 

sudo nginx -t

Expected Output: 

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

If there are errors: Fix them before proceeding. Common issues:

  • Syntax errors (missing semicolons, brackets)
  • Duplicate server names
  • Invalid port numbers

Step 4: Reload Nginx

Reload nginx to apply the new configuration (graceful reload, no downtime): 

sudo systemctl reload nginx

Step 5: Verify HTTP Access

Test that the service is accessible via HTTP: 

curl -I http://newservice.jb-vpn.uk

You should receive an HTTP response. If you get a connection error:

  • Check DNS: nslookup newservice.jb-vpn.uk
  • Check nginx logs: tail -f /var/log/nginx/error.log

Step 6: Set Up SSL Certificate

Use Certbot to automatically configure SSL: 

sudo certbot --nginx -d newservice.jb-vpn.uk --non-interactive --agree-tos --redirect --email admin@jb-vpn.uk

What this does:

  • Requests SSL certificate from Let's Encrypt
  • Configures nginx for HTTPS
  • Sets up HTTP to HTTPS redirect
  • Configures automatic renewal

If Certbot fails:

  • Verify DNS is pointing to VPS: nslookup newservice.jb-vpn.uk
  • Ensure port 80 is open and accessible
  • Check firewall rules: sudo iptables -L -n -v

Step 7: Verify HTTPS Access

Test that HTTPS is working: 

curl -I https://newservice.jb-vpn.uk

You should receive a 200 OK or similar response with SSL certificate details.

Step 8: Test in Browser

Open your browser and navigate to: 

https://newservice.jb-vpn.uk

Verify:

  • SSL certificate is valid (green lock icon)
  • Service loads correctly
  • All functionality works as expected

Removing a Service

To remove a service:

Disable the site:

   sudo rm /etc/nginx/sites-enabled/service.jb-vpn.uk

Test configuration:

   sudo nginx -t

Reload nginx:

   sudo systemctl reload nginx

Optional - Remove configuration file:

   sudo rm /etc/nginx/sites-available/service.jb-vpn.uk

Optional - Revoke SSL certificate:

   sudo certbot revoke --cert-path /etc/letsencrypt/live/service.jb-vpn.uk/cert.pem
   sudo certbot delete --cert-name service.jb-vpn.uk
  • [[Documentation:Prerequisites](Prerequisites|- Requirements before starting
  • [Configuration Options]])(configuration-options.md) - Advanced configuration
  • [Service Examples](service-examples.md) - Service-specific examples
Retrieved from "https://wiki.jb-vpn.uk/index.php?title=Services:Step_By_Step&oldid=202"