In this section we present a series of reverse proxy configurations that augment the capabilities of Kapow!.
Note
In this section we refer to the host running the Kapow! server as kapow:8080.
Kapow! currently does not support HTTPS but you can use a reverse proxy to serve a Kapow! service via HTTPS.
For testing purposes you can generate a self-signed certificate with the following command:
$ openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes
Automatic Let's Encrypt Certificate
Caddy automatically enables HTTPS using Let's Encrypt certificates given that some criteria are met.
yourpublicdomain.example proxy / kapow:8080
Automatic Self-signed Certificate
If you want Caddy to automatically generate a self-signed certificate for testing you can use the following configuration.
yourdomain.example proxy / kapow:8080 tls self_signed
Custom Certificate
If you already have a valid certificate for your server use this configuration.
yourdomain.example proxy / kapow:8080 tls /path/to/cert.pem /path/to/key.pem
With the following configuration you can run HAProxy with a custom certificate.
frontend myserver.local
bind *:443 ssl crt /path/to/myserver.local.pem
mode http
default_backend nodes
backend nodes
mode http
server kapow1 kapow:8080
Note
You can produce myserver.local.pem
from the certificates in
previous examples with this command:
$ cat /path/to/cert.pem /path/to/key.pem > /path/to/myserver.local.pem
With the following configuration you can run nginx with a custom certificate.
server {
listen 443 ssl;
server_name myserver.local;
ssl_certificate /path/to/cert.pem;
ssl_certificate_key /path/to/key.pem;
location / {
proxy_pass http://kapow:8080;
}
}