Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
24.1 Legacy Series
»
Advice
« previous
next »
Print
Pages: [
1
]
Author
Topic: Advice (Read 888 times)
andyw
Newbie
Posts: 11
Karma: 1
Advice
«
on:
May 07, 2024, 02:53:44 pm »
Hello, I was wondering if anyone could help in regards to Nginx or Haproxy.
I have currently got couple of web servers (Using Lets Encrypt) running through Nginx as the "Security Rules" implementation is an added layer of protection.
I have the need to host an mqqt server ideally with tls and was wondering if this should still be done through Nginx or do I need to deploy Haproxy for this? Is it possible to have both Nginx and Haproxy on the same instance of Opnsense?
Any advice would be appreciated.
Thanks in advance,
Andy
Logged
muchacha_grande
Full Member
Posts: 219
Karma: 19
Re: Advice
«
Reply #1 on:
May 08, 2024, 05:08:55 pm »
Hi andyw,
I use Nginx and have an mqtts server. I don't use Nginx to proxy mqtt, instead, it is forwarded vía NAT and I connect directly from the outside.
If you already have certificates using Lets Encrypt with ACME plugin, you could program an automation to copy the new certificates to the mqtt server box and restart the service on each renewal.
Cheers
Logged
Patrick M. Hausen
Hero Member
Posts: 6848
Karma: 575
Re: Advice
«
Reply #2 on:
May 08, 2024, 05:27:06 pm »
You need to activate the community repository as documented here:
https://www.routerperformance.net/opnsense-repo/
Possibly not a good idea if you run the business edition because the system is mission critical - but that's for you to decide.
Logged
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do.
(Isaac Asimov)
andyw
Newbie
Posts: 11
Karma: 1
Re: Advice
«
Reply #3 on:
May 23, 2024, 04:06:04 pm »
Thank you both for your replies. What benefit of activating the community repository would benefit me?
@ muchacha_grande do you have any redundency in your setup?
Thank you
Logged
Patrick M. Hausen
Hero Member
Posts: 6848
Karma: 575
Re: Advice
«
Reply #4 on:
May 23, 2024, 04:11:50 pm »
Sorry for the confusion - that should have gone to a completely different thread.
Logged
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do.
(Isaac Asimov)
muchacha_grande
Full Member
Posts: 219
Karma: 19
Re: Advice
«
Reply #5 on:
May 28, 2024, 09:05:58 pm »
Hi @andyw,
Quote from: andyw on May 23, 2024, 04:06:04 pm
@ muchacha_grande do you have any redundency in your setup?
No, I don't. Just one mqtt server with a port forward rule.
Cheers
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
24.1 Legacy Series
»
Advice