d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4eead3e53fecdb2b7e629bb9f56b22ff92c61d2e
proxmox/scripts/configure-nginx-jwt-auth-COMPLETE.md
defiQUG cb47cce074 Complete markdown files cleanup and organization 
- Organized 252 files across project
- Root directory: 187 → 2 files (98.9% reduction)
- Moved configuration guides to docs/04-configuration/
- Moved troubleshooting guides to docs/09-troubleshooting/
- Moved quick start guides to docs/01-getting-started/
- Moved reports to reports/ directory
- Archived temporary files
- Generated comprehensive reports and documentation
- Created maintenance scripts and guides

All files organized according to established standards.
2026-01-06 01:46:25 -08:00

79 lines
2.5 KiB
Markdown
Raw Blame History

# Nginx JWT Auth Configuration - Completion Status
## Summary
The nginx JWT authentication configuration has been completed using the **Python-based approach** (`configure-nginx-jwt-auth-simple.sh`) since nginx-extras in Ubuntu 22.04 does not include the Lua module.
## Issues Resolved
### 1. Lua Module Not Available
- **Problem**: nginx-extras in Ubuntu 22.04 doesn't include `http_lua_module`
- **Solution**: Used Python-based JWT validation script instead
- **Script**: `configure-nginx-jwt-auth-simple.sh`
### 2. Package Installation Errors
- **Problem**: Attempted to install non-existent `libnginx-mod-http-lua` package
- **Solution**: Removed package reference, use nginx-extras or regular nginx
### 3. Locale Warnings
- **Problem**: Multiple locale warnings cluttering output
- **Solution**: Added locale suppression (`export LC_ALL=C; export LANG=C`)
## Configuration Status
**JWT Secret Generated**: UMW58gEniB9Y75yNmw0X...
**Python JWT Validator**: Installed and configured
**Nginx Configuration**: Created and syntax validated
**SSL Certificates**: Configured (if present)
**Service**: Configured (may need manual restart)
## Next Steps
1. **Verify nginx is running**:
```bash
ssh root@192.168.11.10 "pct exec 2501 -- systemctl status nginx"
```
2. **If nginx failed to start, check logs**:
```bash
ssh root@192.168.11.10 "pct exec 2501 -- journalctl -u nginx.service -n 50"
```
3. **Manually restart if needed**:
```bash
ssh root@192.168.11.10 "pct exec 2501 -- systemctl restart nginx"
```
4. **Test JWT authentication**:
```bash
# Without token (should fail)
curl -k https://rpc-http-prv.d-bis.org/
# With valid JWT token (should succeed)
curl -k -H "Authorization: Bearer <token>" https://rpc-http-prv.d-bis.org/
```
## Files Modified
- `scripts/configure-nginx-jwt-auth.sh` - Fixed package installation and locale warnings
- `scripts/configure-nginx-jwt-auth-simple.sh` - Used for final configuration (Python-based)
## Configuration Details
- **VMID**: 2501
- **Hostname**: besu-rpc-2
- **IP**: 192.168.11.251
- **HTTP Domain**: rpc-http-prv.d-bis.org
- **WS Domain**: rpc-ws-prv.d-bis.org
- **JWT Secret Location**: /etc/nginx/jwt_secret
- **Python Validator**: /usr/local/bin/jwt-validate.py
- **Nginx Config**: /etc/nginx/sites-available/rpc-perm
## Notes
- The Python-based approach is more reliable on Ubuntu 22.04
- nginx-extras doesn't include Lua module in Ubuntu 22.04
- JWT validation uses Python script via `auth_request` module
- Configuration test passed successfully
Reference in New Issue View Git Blame Copy Permalink