d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
master
proxmox/docs/04-configuration/NGINX_SSL_MANUAL_CONFIGURATION_GUIDE.md
defiQUG fbda1b4beb
Some checks failed
Deploy to Phoenix / deploy (push) Has been cancelled
Details
docs: Ledger Live integration, contract deploy learnings, NEXT_STEPS updates 
- ADD_CHAIN138_TO_LEDGER_LIVE: Ledger form done; public code review repo bis-innovations/LedgerLive; init/push commands
- CONTRACT_DEPLOYMENT_RUNBOOK: Chain 138 gas price 1 gwei, 36-addr check, TransactionMirror workaround
- CONTRACT_*: AddressMapper, MirrorManager deployed 2026-02-12; 36-address on-chain check
- NEXT_STEPS_FOR_YOU: Ledger done; steps completable now (no LAN); run-completable-tasks-from-anywhere
- MASTER_INDEX, OPERATOR_OPTIONAL, SMART_CONTRACTS_INVENTORY_SIMPLE: updates
- LEDGER_BLOCKCHAIN_INTEGRATION_COMPLETE: bis-innovations/LedgerLive reference

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-12 15:46:57 -08:00

4.2 KiB
Raw Permalink Blame History

Nginx SSL Manual Configuration - Step-by-Step Guide

Last Updated: 2026-01-31
Document Version: 1.0
Status: Active Documentation

Date: 2026-01-09
NPM URL: http://192.168.11.26:81
Credentials: nsatoshi2007@hotmail.com / L@ker$2010

Quick Start

  1. Open: http://192.168.11.26:81
  2. Log in with credentials above
  3. Follow steps below for each domain

Step-by-Step Configuration

For Each Domain:

Step 1: Add Proxy Host

  1. Click "Proxy Hosts" in left menu
  2. Click "Add Proxy Host" button (top right)

Step 2: Details Tab

Fill in:

  • Domain Names: Enter the domain (e.g., explorer.d-bis.org)
    • For multiple domains, add each on a new line
  • Scheme:
    • Select http if target is http://
    • Select https if target is https://
  • Forward Hostname/IP: Enter the IP address (e.g., 192.168.11.140)
  • Forward Port: Enter the port (e.g., 80 or 443)
  • Cache Assets: Enable (optional)
  • Block Common Exploits: Enable
  • Websockets Support: Enable (for RPC domains with WebSocket)

Step 3: SSL Tab

  1. Click "SSL" tab
  2. Click "Request a new SSL Certificate"
  3. Fill in:
    • Email Address for Let's Encrypt: nsatoshi2007@hotmail.com
    • I Agree to the Let's Encrypt Terms of Service: Check
    • Force SSL: Enable (redirects HTTP to HTTPS)
    • HTTP/2 Support: Enable
    • HSTS Enabled: Enable
    • HSTS Subdomains: Enable (if you have subdomains)

Step 4: Save

  1. Click "Save" button
  2. Wait 1-2 minutes for certificate to be issued
  3. Check for green checkmark indicating success

Domain Configuration Reference

sankofa.nexus (5 domains)

Domain Details Forward To Port WebSocket
sankofa.nexus Scheme: http 192.168.11.140 80 No
www.sankofa.nexus Scheme: http 192.168.11.140 80 No
phoenix.sankofa.nexus Scheme: http 192.168.11.140 80 No
www.phoenix.sankofa.nexus Scheme: http 192.168.11.140 80 No
the-order.sankofa.nexus Scheme: http 192.168.11.140 80 No

d-bis.org (9 domains)

Domain Details Forward To Port WebSocket
explorer.d-bis.org Scheme: http 192.168.11.140 80 No
rpc-http-pub.d-bis.org Scheme: https 192.168.11.252 443 Yes
rpc-ws-pub.d-bis.org Scheme: https 192.168.11.252 443 Yes
rpc-http-prv.d-bis.org Scheme: https 192.168.11.251 443 Yes
rpc-ws-prv.d-bis.org Scheme: https 192.168.11.251 443 Yes
dbis-admin.d-bis.org Scheme: http 192.168.11.130 80 No
dbis-api.d-bis.org Scheme: http 192.168.11.155 3000 No
dbis-api-2.d-bis.org Scheme: http 192.168.11.156 3000 No
secure.d-bis.org Scheme: http 192.168.11.130 80 No

mim4u.org (4 domains)

Domain Details Forward To Port WebSocket
mim4u.org Scheme: http 192.168.11.19 80 No
www.mim4u.org Scheme: http 192.168.11.19 80 No
secure.mim4u.org Scheme: http 192.168.11.19 80 No
training.mim4u.org Scheme: http 192.168.11.19 80 No

defi-oracle.io (1 domain)

Domain Details Forward To Port WebSocket
rpc.public-0138.defi-oracle.io Scheme: https 192.168.11.252 443 Yes

Tips

  1. Batch Configuration: Configure similar domains together (same target IP/port)
  2. Certificate Wait: Let's Encrypt certificates take 1-2 minutes to issue
  3. Error Handling: If certificate request fails, check:
    • DNS resolves to 76.53.10.36
    • Port 80 is accessible (required for HTTP-01 challenge)
    • No rate limiting (wait 1 hour if too many requests)

Verification

After configuring all domains:

bash scripts/nginx-proxy-manager/verify-ssl-config.sh

Or test manually:

curl -I https://explorer.d-bis.org
curl -I https://sankofa.nexus

Last Updated: 2026-01-09

Reference in New Issue View Git Blame Copy Permalink