Monitoring cron jobs, scripts and daemons on servers without internet access can be done by establishing a limited proxy server on a peer machine capable of making requests to the Cronitor ping API.
Any proxy server can be used, but this guide will demonstrate using the Nginx reverse proxy server to route Cronitor pings from your private network to our public API.
$ sudo unlink /etc/nginx/sites-enabled/default
$ sudo vim /etc/nginx/sites-available/cronitor-proxy
server { listen 80; # Make site accessible from its IP, in this example 192.168.50.5 server_name 192.168.50.5; location / { resolver 8.8.8.8; proxy_pass https://cronitor.link:443$request_uri; # Set this to the CIDR range of your isolated server(s) allow 192.0.0.0/8; deny all; } }
$ sudo ln -s /etc/nginx/sites-available/cronitor-proxy /etc/nginx/sites-enabled/cronitor-proxy
$ sudo service nginx restart
Your nginx proxy is now configured to accept incoming requests from your private network on port 80 and forward them over an SSL connection to the Cronitor ping API. The proxy cannot be used to access anything else.
If you are using Curl to ping Cronitor, you can begin to forward requests to your internal proxy simply by setting an environment variable. You can set this directly in most implementations of crontab:
http_proxy=192.168.50.5:80 # m h dom mon dow command 0 1 * * * /path/to/job.sh && curl https://cronitor.link/d3x0c1/complete -m 10
If you are using Curl outside of crontab, you can set this variable in your bash profile
$ echo "export http_proxy=192.168.50.5:80" >> ~/.bash_profile; source ~/.bash_profile
Note that by default Crontab uses /bin/sh
and environment variables set in your shell profile will not be available in crontab.
With this variable set, you can follow instructions as written in the in integration docs with one caveat:
To avoid complexity of installing a self-signed SSL certificate, your proxy server is only listening on port 80. When pinging cronitor, use http://
not https://
-- Remember, your requests will be relayed over an SSL secured connection by the proxy server.
Most HTTP clients have built-in support for using a proxy server, so the first step would be to consult your documentation. Alternatively, you could just send your pings directly to your proxy, converting a URL like
http://cronitor.link/d3x0c1/run
to http://192.168.50.5/d3x0c1/run
, substituting the IP of your proxy.