There is a local home-server with ngix but with a dynamic ip and a server with a domain but a weak vpn-server and you need to get access to the site on the home-server so that the client connects to the vpn-server and it is desirable that there is a VPN tunnel between these severs .

Example:

 Клиент -> vpn-server -> (VPN туннель) -> home-server -> Nginx Клиент <- vpn-server <- (VPN туннель) <- home-server <- Nginx

A bit about servers:

  • vpn-server Ubuntu 16, OpenVPN
  • home-server: Ubuntu 16, OpenVPN, Nginx

At the moment I do not know where to start.

  • state, please, more clearly what exactly is causing you difficulty. right in the question, of course. - aleksandr barakin
  • Perhaps your ultimate goal is this ? - aleksandr barakin
  • @alexanderbarakin is a bit wrong, and I don’t understand how it can be applied to my problem - users
  • Now your question is too global (I’m not talking about the fact that it is very vague). I suggest you remove all unnecessary from the question. as I understand it, your main task is to access the server, which sometimes changes the address. - aleksandr barakin

1 answer 1

If the VPN server is under your control, then

1) give the home server a fixed address for a VPN connection;

2) install nginx on the VPN server as a front-end (reverse proxy) and give it a HOME server as upstream:

 upstream home-server { server <vpn-адрес home-server'а> } server { ... proxy_http_version 1.1; proxy_pass http://home-server; }

Another option: you can not use nginx on the VPN server, but put the rule in DNAT on it:

 iptables -t nat -I PREROUTING -p tcp --dport 80 -j DNAT --to-destination <home-server-VPN-IP>

For this option to work on the home server, the default route must point to the VPN server.