This page explains some tips for using a reverse proxy server in front of RSAS.
RSAS can be used behind a reverse proxy server. Some common reasons for doing this are:
RSAS supports the following HTTP headers commonly used by reverse proxies:
X-Forwarded-Proto
- RSAS will use this to determine whether to use HTTP or HTTPS in URLs it generatesX-Forwarded-For
- expected to be the original client IP making the request. RSAS will log this in the access.log
as
the client IP, rather than the reverse proxy's IP.When running a reverse proxy to front multiple applications, it is common to have a different base URL path for
application,
such as /grafana
, /rsas
, etc. In order for RSAS to correctly generate M3U8 playlists required for HLS, it must be made
aware that it should use this new base URL in any URLs that it references in its playlists.
To solve this, set the <base-url>
in your configuration to the full public base URL through which RSAS can be accessed:
<icecast>
<base-url>https://my-public-reverse-proxy:8011/rsas</base-url>
<hls>
<enabled>1</enabled>
...
</hls>
...
</icecast>
Note that the <base-url>
overrides the <hostname>
setting.
Below are some snippets of configurations demonstrating site configurations for nginx and haproxy. (Note that these are not complete configurations - they are just demonstrating the reverse proxying part.)
location /rsas/ {
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://127.0.0.1:8000; //IP of your RSAS server on your LAN
}
frontend apps.example.com *:80
acl has_rsas_prefix path_beg -i /rsas
use_backend rsas if has_rsas_prefix
default_backend default
backend rsas
server rsas 127.0.0.1:8000