(Using your own domain name) |
No edit summary |
||
(3 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
It is possible to run OnTakt on your own hardware, which includes virtual machines. | It is possible to run OnTakt on your own hardware, which includes virtual machines. | ||
For help installing OnTakt on new hardware, see [[WolframOS Installation]]. | |||
==Using your own domain name== | |||
== Using your own domain name == | |||
If you would like the launch page, OnTakt, and Inspection to be available at locations such as wolfram.example.com, ontakt.example.com, and inspection.example.com, you can set up a reverse proxy to handle domain routing and SSL certificates. | If you would like the launch page, OnTakt, and Inspection to be available at locations such as wolfram.example.com, ontakt.example.com, and inspection.example.com, you can set up a reverse proxy to handle domain routing and SSL certificates. | ||
=== Support notice === | ===Support notice=== | ||
Reverse proxy configuration is '''not supported''' by Wolfram Manufacturing and we '''cannot assist with setup or troubleshooting'''. We '''will not accept bug reports''' for issues caused while accessing our services via a reverse proxy. If you experience a problem while using the reverse proxy, try again with direct IP/port access and submit a report from there if the issue still occurs. | Reverse proxy configuration is '''not supported''' by Wolfram Manufacturing and we '''cannot assist with setup or troubleshooting'''. We '''will not accept bug reports''' for issues caused while accessing our services via a reverse proxy. If you experience a problem while using the reverse proxy, try again with direct IP/port access and submit a report from there if the issue still occurs. | ||
=== Security notice === | ===Security notice=== | ||
We advise that you '''do not make your reverse proxy accessible from outside your local network''' for security reasons. If you have an existing web server you are using for the reverse proxy, make sure it will not proxy requests from the outside internet. If you are using a reverse proxy, we are '''not responsible''' for any '''network issues''' or '''security incidents'''. | We advise that you '''do not make your reverse proxy accessible from outside your local network''' for security reasons. If you have an existing web server you are using for the reverse proxy, make sure it will not proxy requests from the outside internet. If you are using a reverse proxy, we are '''not responsible''' for any '''network issues''' or '''security incidents'''. | ||
We also strongly advise that you '''do not port forward''' OnTakt directly to the internet. If you do this, we are '''not responsible''' for any service or '''network issues''' or '''security incidents'''. | We also strongly advise that you '''do not port forward''' OnTakt directly to the internet. If you do this, we are '''not responsible''' for any service or '''network issues''' or '''security incidents'''. | ||
=== Using NGINX as a reverse proxy === | === Using NGINX as a reverse proxy=== | ||
NGINX is a free web and reverse proxy server. Assuming the OnTakt server has a fixed IP address of 10.0.0.42, an example HTTP-only site configuration file (<code>/etc/nginx/sites-enabled/wolfram.conf</code> on most Linux distributions, <code>/etc/nginx/vhosts.d/wolfram.conf</code> on some) for the launch page and OnTakt would be: | NGINX is a free web and reverse proxy server. Assuming the OnTakt server has a fixed IP address of 10.0.0.42, an example HTTP-only site configuration file (<code>/etc/nginx/sites-enabled/wolfram.conf</code> on most Linux distributions, <code>/etc/nginx/vhosts.d/wolfram.conf</code> on some) for the launch page and OnTakt would be: | ||
# Launch page | # Launch page |
Latest revision as of 10:02, 8 August 2023
It is possible to run OnTakt on your own hardware, which includes virtual machines.
For help installing OnTakt on new hardware, see WolframOS Installation.
Using your own domain name
If you would like the launch page, OnTakt, and Inspection to be available at locations such as wolfram.example.com, ontakt.example.com, and inspection.example.com, you can set up a reverse proxy to handle domain routing and SSL certificates.
Support notice
Reverse proxy configuration is not supported by Wolfram Manufacturing and we cannot assist with setup or troubleshooting. We will not accept bug reports for issues caused while accessing our services via a reverse proxy. If you experience a problem while using the reverse proxy, try again with direct IP/port access and submit a report from there if the issue still occurs.
Security notice
We advise that you do not make your reverse proxy accessible from outside your local network for security reasons. If you have an existing web server you are using for the reverse proxy, make sure it will not proxy requests from the outside internet. If you are using a reverse proxy, we are not responsible for any network issues or security incidents.
We also strongly advise that you do not port forward OnTakt directly to the internet. If you do this, we are not responsible for any service or network issues or security incidents.
Using NGINX as a reverse proxy
NGINX is a free web and reverse proxy server. Assuming the OnTakt server has a fixed IP address of 10.0.0.42, an example HTTP-only site configuration file (/etc/nginx/sites-enabled/wolfram.conf
on most Linux distributions, /etc/nginx/vhosts.d/wolfram.conf
on some) for the launch page and OnTakt would be:
# Launch page server { listen 80; server_name wolfram.example.com location / { proxy_pass http://10.0.0.42:80; } } # OnTakt # (for Inspection, copy and change the proxy_pass line to port 8710 instead of 8720) server { listen 80; server_name ontakt.example.com; location / { proxy_pass http://10.0.0.42:8720; proxy_set_header Host $host:$server_port; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; # Websockets proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; } }
HTTPS configuration will depend on the domain registrar or DNS server, but Certbot is a tool that supports most configurations.