Linux Format

SET UP SECURE REMOTE ACCESS TO WEKAN

-

1 Set up subdomain or dynamic domain

First, allocate a suitable domain to connect through. If you’ve already got a domain, we advise setting up a dedicated subdomain like wekan.domain.com, which is set to point to your own network’s public IP address (as revealed at www.whatsmyip. com). Failing that, set up free dynamic hostname through a service like www.noip.com if you don’t have one.

2 Dynamic DNS updater

Public IP addresses often change over time – use a dynamic DNS client to ensure your domains update to the new address when it changes. Most domain providers offer tools for purchased domains, while dynamic hostnames can often be updated through routers or NASES. If you’re a docker user, we recommend Linuxserve­r’s ddclient as an automated solution.

3 Set up a reverse proxy

Wekan doesn’t offer a secure means of accessing your boards remotely, but by installing a reverse proxy with SSL certificat­es you can encrypt your connection. We recommend Linuxserve­r’s letsencryp­t implementa­tion (see http://bit.ly/ lxf260lets­encrypt) for a guide. If you have a QNAP NAS, follow our guide to setting up letsencryp­t in LXF260 (page 59).

4 Configure reverse proxy with Wekan

Go to https://github.com/wekan/wekan/wiki/nginxwebse­rver-config and paste the code beneath example.com. conf into a blank text document. Change all server_name references to point to your subdomain. If Wekan is running on a different server to your reverse proxy you’ll also need to amend the proxy_pass line to point to your Wekan server’s IP address.

5 Save and upload

Stop the letsencryp­t container or nginx server, then save your text file into its config/nginx/proxy-confs folder with your choice of filename. If you’re running a regular nginx server, then save the file as advised on the Wekan wiki. Once done, restart your letsencryp­t container or nginx server. If all is well, your reverse proxy should now be able to redirect Wekan traffic.

6 Redirect traffic through router

Finally, you need to route all traffic through ports 80 and 443 to your reverse proxy. Open your router’s configurat­ion utility and locate its port-forwarding section (for example NAT Forwarding>virtual Servers on Tp-link routers). Once found, create two forwarding rules: one from port 80 to port 80 on your reverse proxy’s IP address, the other from port 443 to port 443.

?? ??
?? ??
?? ??
?? ??
?? ??
?? ??

Newspapers in English

Newspapers from Australia