區網內,負責Web (Nginx)和 mail (Synology NAS)為不同主機,當Synology要申請Let’s Encrypt SSL 憑證時,會需要 port 80 的網站認證。可利用Nginx proxy設置,順利導向其他主機。

server {
listen 80;
server_name mail.atlaswu.com;
set $upstream 192.168.1.88:80;

location / {
    proxy_pass_header Authorization;
    proxy_pass http://$upstream;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_http_version 1.1;
    proxy_set_header Connection “”;
    proxy_buffering off;
    client_max_body_size 0;
    proxy_read_timeout 36000s;
    proxy_redirect off;
    }
}
Synology MailPlus Server 端的安全憑證就這樣設置

參考自 https://medium.com/@mightywomble/how-to-set-up-nginx-reverse-proxy-with-lets-encrypt-8ef3fd6b79e5

Author