OPNsense Forum
English Forums => General Discussion => Topic started by: michaelgo on September 17, 2021, 07:57:19 am
-
Hi,
is it possible to use Nginx without GUI?
can i just clean /usr/local/etc/nginx/nginx.conf and use it? Or is there some kind of integration parameters that cannot be deleted(the configuration file is quite big)?
thanks
-
You can uninstall os-nginx and install only the nginx package (pkg install nginx). Then the whole UI and the integration is gone and you can use almost plain nginx (it will still contain some compiled in extensions but they should not do anything if you don't configure those features).
In general, this works with all plugins. The os- package is the OPNsense UI / service management / system integration.
The package without the os- prefix is the FreeBSD package compiled for OPNsense with the actual software.
-
thanks!
does it mean that the packet flow will remain the same in the system if nginx installed as package without system integration?
-
Even the plugin did nothing with the packets explicitly.
-
thanks!
by packet flow i mean order of processing.
Where does traffic go through Nginx or other plugins in the FW=>routing order?
-
local services do not involve routing on OPNsense since they are the source or the target. Or do you mean some NAT stuff?
-
then i'm confused...
what is the traffic processing order when you use Nginx with opnsense?
for example:
nginx (as a reverse proxy) is listening on a specific port and forwards traffic to upstream servers
now, where's FW and system routing comes in?
routing = > FW => Nginx => routing => FW=> upstream server?
-
AFAIK
(DNAT ->) filter in -> nginx -> SNAT / Filter out (don't know the order here).
There is no routing except maybe the NAT decision. The other thing that involves routing is that the kernel will choose the optimal outbound interface which is as close to the destination host as possible.