# Setting up a reverse proxy A reverse proxy is a public-facing web server sitting in front of an internal server such as Libresonic. The Libresonic server never communicates with the outside ; instead, the reverse proxy handles all HTTP(S) requests and forwards them to Libresonic. This is useful in many ways, such as gathering all web configuration in the same place. It also handles some options (HTTPS) much better than the bundled Libresonic server or a servlet container such as Tomcat. This guide assumes you already have a working Libresonic installation after following the [installation guide](documentation/INSTALL.md). ## Getting a TLS certificate This guide assumes you already have a TLS certificate. [Let's Encrypt](https://letsencrypt.org) currently provides such certificates for free. ## Libresonic configuration A few settings should be tweaked via Spring Boot or Tomcat configuration: - Set the context path to `/libresonic` - Set the correct address to listen to - Set the correct port to listen to #### Spring Boot Add the following java args: ```java -Dserver.port=4040 -Dserver.address=127.0.0.1 -Dserver.contextPath=/libresonic -jar libresonic.war``` #### Tomcat Modify your `` with the proper address and port: ``` ServerName example.com ErrorDocument 404 /404.html DocumentRoot /var/www ProxyPass /libresonic http://localhost:4040/libresonic ProxyPassReverse /libresonic http://localhost:4040/libresonic ``` ### HAProxy The following configuration works for HAProxy (HTTPS only): ```haproxy frontend https bind $server_public_ip$:443 ssl crt /etc/haproxy/ssl/$server_ssl_keys$.pem # Let Libresonic handle all requests under /libresonic acl url_libresonic path_beg -i /libresonic use_backend libresonic-backend if url_libresonic # Change default backend to libresonic backend if you don't have a web backend default_backend web-backend backend libresonic-backend server libresonic 127.0.0.1:4040 check ```