This is the part below that handles the Libretime server. It is in the file /etc/nginx/sites-available/music.conf
On the Libretime server I link back to the same SSL cert files (or copy them with a cron job) so that Libretime also uses SSL.
server {
if ($host = libretime.xyz.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name libretime.xyz.com;
location / {
proxy_pass http://192.168.7.66;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
server {
listen 443 ssl;
server_name libretime.xyz.com;
location / {
proxy_pass https://192.168.7.66;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
ssl_certificate /etc/letsencrypt/live/libretime.xyz.com/fullchain.pem; # man$
ssl_certificate_key /etc/letsencrypt/live/libretime.xyz.com/privkey.pem; # m$
}