On this page we show how you can put a webserver in front of the server. This allows you to use standard ports and also other tricks like adding encryption to the server. This example is done on a Raspberry Pi 3 running Raspian Jessie using Nginx. For other operating systems you may have to tweak the commands accordingly, but the concept remains the same.
Installing required software
sudo apt-get update sudo apt-get install nginx
Adjusting nginx configuration
The installation creates a default site. We take that file
sudo nano /etc/nginx/sites-available/default
to look like this:
server {
listen 80 default_server;
listen [::]:80 default_server;
# Allow bigger uploads
client_max_body_size 1000m;
server_name _;
access_log off;
error_log off;
location / {
proxy_pass http://127.0.0.1:3344;
}
location /socket/ {
proxy_pass http://127.0.0.1:3344/socket/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 86400;
}
# printer frontend does not require password, so we forbid it from external
location /mod/front/ {
deny all;
}
location /modules/front2/ {
deny all;
}
}
And then restart nginx:
service nginx restart
Now you can point to the server ip address without adding a port.
Adding https support
If you plan to access the server from outside your local network, it is a good idea to protect access with https. This
requires the installation of a certificate. In this example we create our own certificate as this is a simple and free
way to protect our server. Browsers will complain about that certificate. Not because it is insecure, but because they
can not validate who issued it. As you know it was you, it is secure to put it into your certificate storage so your
browser stops complaining.
So let us create our certificate:
apt-get install ssl-cert make-ssl-cert generate-default-snakeoil --force-overwrite
Now we modify the default configuration to look like this:
server {
listen 80 default_server;
listen [::]:80 default_server;
listen 443 ssl;
# Allow bigger uploads
client_max_body_size 1000m;
# Self-signed certificate.
ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
server_name _;
access_log off;
error_log off;
location / {
proxy_pass http://127.0.0.1:3344;
}
location /socket/ {
proxy_pass http://127.0.0.1:3344/socket/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 86400;
}
# printer frontend does not require password, so we forbid it from external
location /mod/front/ {
deny all;
}
location /modules/front2/ {
deny all;
}
}
and then restart nginx:
service nginx restart
Thats all. Now you can access the server with:
https://<your ip address>