owner: gmikcon status: active last_reviewed: 2026-05-09 review_interval: 90d confidence: medium

source_of_truth: owner-confirmed

Public gnexus.space Traffic To Internal nginx

This route describes the main public traffic path into the local infrastructure.

Route

Internet
  -> gnexus.space
  -> external VPS
  -> external OpenVPN server
  -> OpenVPN tunnel
  -> internal OpenVPN client
  -> internal proxy VPS
  -> internal nginx reverse proxy
  -> target VPS or internal machine
  -> target service

Exposure

• Exposure: public.
• Public-facing entry: external-vps.
• Internal routing: OpenVPN tunnel to internal-proxy-vps.
• Proxy layer: internal-nginx-proxy.
• Main public web ports: 80, 443.

Purpose

The route lets public traffic terminate on an external VPS and then pass into selected internal services through a VPN tunnel. The internal nginx proxy decides which target VPS or machine receives the request.

Known Public Domains

• git.gnexus.space
• jellyfin.gnexus.space
• lytvak.gnexus.space
• minecraft.gnexus.space
• auth.gnexus.space
• cloud.gnexus.space
• files.gnexus.space
• gnexus.space
• navi.gnexus.space
• transmission.gnexus.space

Known Hosts

• External VPS: external-vps, s-host.com.ua, Ukraine, Ubuntu Server 22.04.
• Internal proxy VPS: internal-proxy-vps, VM ovpn_reserv, LAN address 192.168.1.226, libvirt address 192.168.105.181/24.

Confirmed Enabled Proxy Targets

Available But Not Confirmed Enabled

These nginx site files exist on internal-proxy-vps, but they were not listed as enabled symlinks during the last check:

• lytvak.gnexus.space -> http://192.168.1.167
• minecraft.gnexus.space -> tcp://192.168.1.218:25565

Unknowns

• OpenVPN public port.
• nginx configuration file paths.
• SSH forwarding details to the internal alex VPS.