Reverse proxy setup

Overview

CloudBeaver includes a built-in reverse proxy for secure access and load balancing.

This article explains how to set up a proxy in the CloudBeaver Compose setup.

• CloudBeaver AWS uses the default pre-configured proxy setup as the Enterprise Edition.
• Community Edition users need to configure the proxy manually.

For proxy configuration in other deployment types, see README in the cloudbeaver-deploy repository.

Configure proxy server

Note

This feature is available in Enterprise, AWS, Team editions only.

Starting in version 25.1, CloudBeaver supports two proxy types: Nginx and HAProxy. Set the proxy type in your .env file:

PROXY_TYPE=nginx  # Options: nginx, haproxy

If you previously used Nginx and want to switch to HAProxy, you can do it without losing configuration or SSL certificates - shared Docker volumes handle it.

Info

For details on environment configuration, see CloudBeaver Enterprise deployment from Docker Compose

Proxy ports

When using Docker Compose with network_mode: host, set ports in your .env file:

LISTEN_PORT_HTTP=80
LISTEN_PORT_HTTPS=443

These control which ports the proxy listens to inside the container.

Extra step for Nginx

If you use Nginx and set a custom COMPOSE_PROJECT_NAME in your .env, pass it explicitly in the container’s environment block:

environment:
  - COMPOSE_PROJECT_NAME=${COMPOSE_PROJECT_NAME}

Note

This isn’t needed for HAProxy - it resolves service names via Docker DNS.

Nginx configuration in CloudBeaver Community

In the Community Edition, you can configure Nginx manually to set up a web server in front of CloudBeaver.

If you prefer, you can configure HTTPS directly for the Jetty server. For details, see Jetty configuration.

1. Install Nginx on your server. Refer to the official Nginx documentation.

2. Add a proxy configuration:

   1. Open the main Nginx configuration file in a text editor.
   2. In your Nginx configuration file inside the http section, add the following:

         server {
            listen 80;
            server_name _;
            client_max_body_size 500M;
            location / {
               proxy_pass http://127.0.0.1:8978;
               proxy_set_header Host $host;
               proxy_set_header X-Real-IP $remote_addr;
               proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
               proxy_set_header X-Forwarded-Proto $scheme;
               proxy_http_version 1.1;
               proxy_set_header Upgrade $http_upgrade;
               proxy_set_header Connection "upgrade";
           }
       }
   

   To ensure the client’s real IP address is forwarded when using Nginx, add the forwardProxy:true parameter to your server configuration.

3. Apply the changes:

   • Reload the Nginx configuration.
   • Open CloudBeaver in your browser using http://127.0.0.1.