• CentOS 8 에 KVM 설치 및 Reverse Proxy 구성하기

$ dnf install cockpit cockpit-machines

# cockpit service 등록
$ systemctl start cockpit.socket
$ systemctl enable cockpit.socket

# firewall 에 cockpit 등록
$ firewall-cmd --add-service=cockpit --permanent

# cockpit domain 용 ssl 인증서 받기
## certbot 인증용 http 서비스 만들기

<VirtualHost *:80>
    ServerName your.domin.com
    DocumentRoot /var/www/html
</VirtualHost>

# certbot 을 활용한 ssl 인증서 생성
$ certbot certonly --apache -d your.domain.com

## ssl 용 virtualhost 설정
<VirtualHost *:443>
    ServerName your.domain.com

    SSLEngine on
    SSLCertificateKeyFile /etc/letsencrypt/live/your.domain.com/privkey.pem
    SSLCertificateFile /etc/letsencrypt/live/your.domain.com/cert.pem
    SSLCertificateChainFile /etc/letsencrypt/live/your.domain.com/fullchain.pem

    ProxyPreserveHost On
    ProxyRequests Off

    # allow for upgrading to websockets
    RewriteEngine On
    RewriteCond %{HTTP:Upgrade} =websocket [NC]
    RewriteRule /(.*)           ws://127.0.0.1:9090/$1 [P,L]
    RewriteCond %{HTTP:Upgrade} !=websocket [NC]
    RewriteRule /(.*)           http://127.0.0.1:9090/$1 [P,L]

    # Proxy to cockpit instance
    ProxyPass / http://127.0.0.1:9090/
    ProxyPassReverse / http://127.0.0.1:9090/
    RemoteIPHeader X-Forwarded-For

</VirtualHost>

# reverse proxy 연결을 위한 cockpit 설정 추가
$ touch /etc/cockpit/cockpit.conf
## cockpit.conf 내용

[WebService]
Origins = https://your.domain.com http://127.0.0.1:9090
ProtocolHeader = X-Forwarded-Proto
AllowUnencrypted = true