Ansible Windows Jump Host for Linux server

we can use nginx proxy to configure the Windows machine as a jump host for Linux servers

First of All, Add the below Configuration in the Nginx configuration file to forward the ssh traffic to the Linux server.

Stop the Nginx service by using the command: ./nginx.exe -s stop

Add these lines in the Nginx config file at top of the file

stream {

    server {

        listen           192.168.0.23:2222;

        proxy_pass 192.168.0.106:22;

    }

}

Here port Forwarding from 2222 to 22 port from nginx.

Final Nginx Config File is

stream {

    server {

        listen           192.168.0.23:2222;

        proxy_pass 192.168.0.106:22;

    }

}

#user  nobody;

worker_processes  1;

#error_log  logs/error.log;

#error_log  logs/error.log  notice;

#error_log  logs/error.log  info;

#pid        logs/nginx.pid;

events {

    worker_connections  1024;

}

http {

    include       mime.types;

    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '

    #                  '$status $body_bytes_sent "$http_referer" '

    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;

    #tcp_nopush     on;

    #keepalive_timeout  0;

    keepalive_timeout  65;

    #gzip  on;

    server {

    listen          8080 ssl;

    server_name     192.168.0.23;

ssl_certificate C:\SSL\certificate.crt;

    ssl_certificate_key C:\SSL\privatekey.key;

    location /service_name {

            proxy_pass              http://192.168.0.48:5985/wsman;

            proxy_set_header        Host            $host;

            proxy_set_header        X-Real-IP       $remote_addr;

            proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;

            client_max_body_size    10m;

            client_body_buffer_size 128k;

            proxy_connect_timeout   90;

            proxy_send_timeout      90;

            proxy_read_timeout      90;

            proxy_buffers           32 4k;

    }

        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html

        #

        error_page   500 502 503 504  /50x.html;

        location = /50x.html {

            root   html;

        }

        # proxy the PHP scripts to Apache listening on 127.0.0.1:80

        #

        #location ~ \.php$ {

        #    proxy_pass   http://127.0.0.1;

        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000

        #

        #location ~ \.php$ {

        #    root           html;

        #    fastcgi_pass   127.0.0.1:9000;

        #    fastcgi_index  index.php;

        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;

        #    include        fastcgi_params;

        #}

 

        # deny access to .htaccess files if Apache's document root

        # concurs with Nginx's one

        #

        #location ~ /\.ht {

        #    deny  all;

        #}

    }

    # another virtual host using mix of IP-, name-, and port-based configuration

    #

    #server {

    #    listen       8000;

    #    listen       somename:8080;

    #    server_name  somename  alias  another.alias;

    #    location / {

    #        root   html;

    #        index  index.html index.htm;

    #    }

    #}

    # HTTPS server

    #

    #server {

    #    listen       443 ssl;

    #    server_name  localhost;

    #    ssl_certificate      cert.pem;

    #    ssl_certificate_key  cert.key;

    #    ssl_session_cache    shared:SSL:1m;

    #    ssl_session_timeout  5m;

    #    ssl_ciphers  HIGH:!aNULL:!MD5;

    #    ssl_prefer_server_ciphers  on;

    #    location / {

    #        root   html;

    #        index  index.html index.htm;

    #    }

    #}

}

File Ends.

Start the nginx.exe

 

Ping Linux server From Controller

Here is the Ansible Inventory file for connecting the target Linux server which will be forwarded through the windows jump host.

The Inventory File looks like,


Vi /etc/ansible/workspace/myhosts1

[test]

192.168.0.106

[test:vars]

ansible_ssh_user=root

ansible_ssh_pass=zippyops

ansible_ssh_extra_args="-R 2222:192.168.0.23:2222"

Here 192.168.0.23 is jump host Server .Target server connect through 2222 port to jump host and ping target server.

 



Relevant Blogs:

Ansible Linux jump host for Linux node  

custom log in ansible  

Ansible installation in CentOS 

Ansible Windows Jump Host for Linux server  

Recent Comments

No comments

Leave a Comment