Dashboard Reverse Proxy Configuration
Starting from version V1, Dashboard and gRPC share the default 8008 port for both access and communication.
Nginx Configuration Example
Below is an example configuration for setting up a reverse proxy using Nginx:
nginx
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
# Uncomment the next line and comment the above lines if using Nginx > 1.25.1
# http2 on;
server_name dashboard.example.com; # Replace with your domain
ssl_certificate /data/letsencrypt/fullchain.pem; # Path to your SSL certificate
ssl_certificate_key /data/letsencrypt/key.pem; # Path to your SSL private key
ssl_stapling on;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:10m; # Comment out if it conflicts with other configurations
ssl_protocols TLSv1.2 TLSv1.3;
underscores_in_headers on;
set_real_ip_from 0.0.0.0/0; # Replace with your CDN's IP ranges
real_ip_header CF-Connecting-IP; # Replace with your CDN's private header, default for Cloudflare
# Comment the above two lines if Nginx is the outermost layer.
# gRPC Configuration
location ^~ /proto.NezhaService/ {
grpc_set_header Host $host;
grpc_set_header nz-realip $http_CF_Connecting_IP; # Replace with your CDN's private header
# Uncomment the next line and comment the above if Nginx is the outermost layer
# grpc_set_header nz-realip $remote_addr;
grpc_read_timeout 600s;
grpc_send_timeout 600s;
grpc_socket_keepalive on;
client_max_body_size 10m;
grpc_buffer_size 4m;
grpc_pass grpc://dashboard;
}
# WebSocket Configuration
location ~* ^/api/v1/ws/(server|terminal|file)(.*)$ {
proxy_set_header Host $host;
proxy_set_header nz-realip $http_cf_connecting_ip; # Replace with your CDN's private header
# Uncomment the next line and comment the above if Nginx is the outermost layer
# proxy_set_header nz-realip $remote_addr;
proxy_set_header Origin https://$host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 3600s;
proxy_send_timeout 3600s;
proxy_pass http://127.0.0.1:8008;
}
# Web Traffic Configuration
location / {
proxy_set_header Host $host;
proxy_set_header nz-realip $http_cf_connecting_ip; # Replace with your CDN's private header
# Uncomment the next line and comment the above if Nginx is the outermost layer
# proxy_set_header nz-realip $remote_addr;
proxy_read_timeout 3600s;
proxy_send_timeout 3600s;
proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
proxy_max_temp_file_size 0;
proxy_pass http://127.0.0.1:8008;
}
}
upstream dashboard {
server 127.0.0.1:8008;
keepalive 512;
}Caddy Configuration Example
Below is an example configuration for setting up a reverse proxy using Caddy:
caddy
dashboard.example.com {
@grpcProto {
path /proto.NezhaService/*
}
reverse_proxy @grpcProto {
header_up Host {host}
header_up nz-realip {http.CF-Connecting-IP} # Replace with your CDN's private header
# Uncomment the next line and comment the above if Caddy is the outermost layer
# header_up nz-realip {remote_host};
transport http {
versions h2c
read_buffer 4096
}
to localhost:8008
}
reverse_proxy {
header_up Host {host}
header_up Origin https://{host}
header_up nz-realip {http.CF-Connecting-IP} # Replace with your CDN's private header
# Uncomment the next line and comment the above if Caddy is the outermost layer
# header_up nz-realip {remote_host};
header_up Upgrade {http.upgrade} # Comment this line if Agent TLS communication is enabled
header_up Connection "upgrade"
transport http {
read_buffer 16384
}
to localhost:8008
}
}Configuration Notes
Adjust Headers
ReplaceCF-Connecting-IPand other header configurations based on your CDN provider's requirements.Enable HTTPS
Ensure your SSL certificate paths are correct and domain resolution is properly set up.Optimize Performance
Adjustkeepaliveandbuffersettings based on your server's performance and traffic requirements.