Hi,
I just installed Octoprint, and got it running with a webcam using nginx as a reverse proxy, with a configuration taken from here. I have a dynamic domain name set up with duckdns. I'd like to access octoprint as a subdomain like octoprint.my_domain.duckdns.org. Normally this would look like this:
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
upstream "octoprint" {
server 127.0.0.1:5000;
}
upstream "mjpg-streamer" {
server 127.0.0.1:8090;
}
server {
listen 5001;
server_name localhost;
location / {
proxy_pass http://octoprint/;
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Scheme $scheme;
proxy_http_version 1.1;
client_max_body_size 0;
}
location /webcam/ {
proxy_pass http://mjpg-streamer/;
}
# redirect server error pages to the static page /50x.html
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
server {
server_name octoprint.domain.duckdns.org;
location / {
proxy_pass http://127.0.0.1:5001;
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Scheme $scheme;
proxy_http_version 1.1;
client_max_body_size 0;
}
# redirect server error pages to the static page /50x.html
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/couchpotato.sbrome.duckdns.org/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/couchpotato.sbrome.duckdns.org/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = octoprint.domain.duckdns.org) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name octoprint.domain.duckdns.org;
return 404; # managed by Certbot
}
But since the "remote" proxy pass redirects octoprint.domain.duckdns.org to 127.0.0.1 the webcam feed is still accessible without any credentials required if entering the adress octoprint.domain.duckdns.org/webcam/?action=stream, which of course I don't want. How do I modify this so that I can access octoprint but not the webcam from outside my network, while octoprint can still grab the webcam feed?