16.76. taler-merchant-rproxy-setup(1)¶
16.76.1. Name¶
taler-merchant-rproxy-setup - configure reverse proxy for the Taler merchant
16.76.2. Synopsis¶
taler-merchant-rproxy-setup [–domain**=*NAME*] [–nginx** | –apache] [–httponly | –httpsonly] [-h | –help]
16.76.3. Description¶
taler-merchant-rproxy-setup is a command-line tool that configures a reverse proxy for the Taler merchant under either Nginx or Apache HTTP server. It may optionally enable HTTPS via certbot unless –httponly is requested.
If neither –nginx nor –apache is specified, the script checks whether exactly one of them is installed and proceeds accordingly, or exits with an error if neither or both are installed.
The script updates the default reverse-proxy configuration file
(/etc/nginx/sites-available/taler-merchant
for Nginx,
/etc/apache2/sites-available/taler-merchant.conf
for Apache) and
backs up any existing version to a .legacy
suffix. If HTTPS is
enabled (the default unless –httponly is given), certbot is run
to obtain TLS certificates for the configured domain name, and
the configuration is adjusted accordingly. If –httpsonly is
requested, HTTP requests will be redirected to HTTPS (port 443).
Finally, the script activates the new site configuration and reloads
the respective web server.
To ensure successful configuration, both the web server (Nginx or
Apache) and certbot (unless –httponly) must be installed.
In the case of Apache, some modules (proxy
, proxy_http
,
headers
) must be enabled. The script will check for these
prerequisites and exit with an error if any are missing.
16.76.4. Options¶
- –domain=NAME
Required. The fully qualified domain name (FQDN) for which the reverse proxy is being set up.
- –nginx
Force using Nginx as the reverse proxy. If not specified, the script auto-detects whether Nginx or Apache is installed, provided exactly one is installed.
- –apache
Force using Apache as the reverse proxy. If not specified, the script auto-detects whether Nginx or Apache is installed, provided exactly one is installed.
- –httponly
Only configure HTTP (no TLS). Skips certbot and omits all TLS-related configuration. Incompatible with –httpsonly.
- –httpsonly
Configure HTTPS and automatically redirect HTTP traffic to the HTTPS port. Incompatible with –httponly.
- -h | –help
Print short help on options.
16.76.5. See Also¶
taler-merchant-httpd(1), taler-merchant.conf(5)
16.76.6. Bugs¶
Report bugs by using https://bugs.taler.net/ or by sending electronic mail to <taler@gnu.org>.