Yes, it's possible. Here's the instruction.
1. Install Headwind MDM: https://h-mdm.com/advanced-web-panel-installation/
It is strongly recommended to set up work over HTTPS.
While installing, it is important to skip the step "Use iptables to redirect port 443 to 8443". Answer "N".
2. If Headwind MDM was already installed and you are upgrading it with Headwind Remote, you need to remove the iptables rule redirecting the ports. Notice: Headwind MDM will temporary fails to work on port 443.
/sbin/iptables -D PREROUTING -t nat -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443
/sbin/iptables -D OUTPUT -t nat -o lo -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443
Also, modify the crontab and remove the /opt/hmdm/iptables-tomcat.sh from running at boot, by using the command:
crontab -e
3. Before installing Headwind Remote, add the following line in the config.yaml file:
hmdm_https_port: 8443
4. IMPORTANT IF YOU'RE BEHIND THE NAT! If you install Headwind Remote on the same server as Headwind MDM, you may need to point the domain name to the local address using /etc/hosts. In this case, if you're behind the NAT, Headwind Remote cannot automatically determine the external IP address, so you need to specify it manually.
nat: true
public_ip: "your.external.ip"
5. Install Headwind Remote by running the command
bash ./install.sh
Once ready, Headwind Remote should be available by the URL
https://your-mdm-domain.com/web-admin/
(notice a slash at the end of the URL!)
6. To set up regular renewals of the HTTPS certificate by LetsEncrypt, add the following line to crontab:
0 6 1 * * /opt/remote-control/letsencrypt-ssl-renew.sh
(make sure the shell script has the executable permissions)
This will run the renewal script each month.