Quick reverse proxy config for nginx

nginx is my preferred lightweight HTTP/HTTPS server and fairly easy to do reverse proxy for. In this example, I use a reverse proxy to expose an internal service running on port 82 to the Internet.

Here is an example config …

server {
        server_name; # must match the portion of the URL
        proxy_set_header Host   $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        client_max_body_size 100M; # increase size of uploaded files
        location / {
                proxy_pass; # internal server address and port
# Insert SSL certificate block here
} is a sub-domain that exists on the public Internet while internal-service.vernon.wenberg is an internal system. This also allows the use of an SSL certificate on your nginx server instead of your internal server.

· 2020/02/16 23:59 · 2020/02/17 00:11

How to resolve incorrect time with Windows Domain Controller

The Domain Controller should be the definitive source for time for the entire Windows Domain network. It needs to sync directly to NTP servers and not the hardware clock of the machine it's on whether it's a virtual machine or a physical server.

That means don't set VMware Tools to sync time for the guest. There are several frustating limitations to the VMware tools time sync that make it the wrong tool for the job. VMWare defaults to having time sync disabled on Windows Server guests for a good reason.

That does mean that you'll need to set your Domain Controller to get it's time synchronization directly from the Internet (or a definitive clock source).

Run the following from an escalated command line.

C:\net stop w32time
C:\> w32tm /config /syncfromflags:manual /manualpeerlist:”,,”

If the above command does not work, try this …

w32tm /config /update /manualpeerlist:",0x8,0x8,0x8,0x8" /syncfromflags:MANUAL
<code>C:\>w32tm /config /reliable:yes
C:\>net start w32time
C:\>w32tm /query /configuration

Those commands will set the appropriate registry keys so that your server will get the time directly from the Internet and not the hardware clock or VMware tools. Once you've gotten the DC time correct (including your timezone), then the other machines will update automatically over time. You can force an update using …

C:\>w32tm /resync

The command prompts the local computer to sync to it's configured time source. If it's a Domain Member, then it will sync to the previously configured and updated Domain Controller(s).

Manage Mayan EDMS in Docker

  • docker exec -ti mayan-edms /bin/bash
  • cd /opt/mayan-edms/bin
  • Execute ./ to get a list of available commands
· 2020/02/15 06:01 · 2020/02/15 06:02


· 2020/01/20 17:29 · 2020/02/05 15:47

Generate Certificate Signing Request (CSR) in Linux

openssl req -new -newkey rsa:2048 -nodes -keyout domain.key -out domain.csr

Replace domain with your domain. domain.csr is what is used by your certificate authority to generate your certificate. domain.key will be used by your web server in conjunction with your certificate.

· 2020/01/13 19:22 · 2020/02/05 15:47

Older entries >>

QR Code: URL of current page
QR Code: URL of current page start (generated for current page)
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International