Nginx as Reverse Proxy

From PKC
Revision as of 17:31, 24 April 2021 by Ben>Admin (→‎Set up Let's Encrypt)
Jump to navigation Jump to search

The first place to learn Nginx can be found in this book[1]:

Install Nginx

The following code can be copied and pasted to perform the task of installing Nginx on Ubuntu:[2]

sudo apt-get update
sudo apt-get install nginx -y

Disable Default Virtual Host of Nginx

Then, try to unlink this existing link:

sudo unlink /etc/nginx/sites-enabled/default

Create the Reverse Proxy

Now go to the Nginx site-available directory

cd /etc/nginx/sites-available

Use a text editor or copy a file with the following file name: reverse-proxy.conf.

For example:

vi reverse-proxy.conf

Use a text editor or copy a file with the following file name: reverse-proxy.conf.

For example, use the text editor vi, you can type the following command:

vi reverse-proxy.conf


In the file, type in the following content. Please note that this configuration, especially the port number 9352 is a PKC specific specification.

server {
    listen 80;
    location / {
        proxy_pass http://127.0.0.1:9352;
    }
}

Test Nginx and the Reverse Proxy

Activate the directives by linking to /sites-enabled/ using the following command:

sudo ln -s /etc/nginx/sites-available/reverse-proxy.conf /etc/nginx/sites-enabled/reverse-proxy.conf

First, verify the syntax of all the above content is legitimate:

sudo service nginx configtest

Then, restart Nginx to kick it into action:

sudo service nginx restart

Set up Let's Encrypt

After setting up Nginx, one can consider setting up the free-of-charge Let's Encrypt certificate. The following instructions are modeled after this Medium article[3]:

sudo add-apt-repository ppa:certbot/certbot

Then, install the python3 certbot for Nginx.

sudo apt install python3-certbot-nginx


Then, install the python3 certbot for Nginx.

cd /etc/nginx/sites-enabled/

In this directory: /etc/nginx/sites-enabled/ create the following file using a text editor or just copy a text file to this location with a name that is similar to this:dev.example.com For example, if the name of your domain is dev.thewiki.us, then the file name should be: dev.thewiki.us. Using vi as a text editor, your will type this in command line:

  
vi dev.thewiki.us.conf
                                                  
server {
    server_name dev.thewiki.us;
    # The internal IP of the VM that hosts your Apache config
    set $upstream 127.0.0.1:9352;
        location / {
        proxy_pass_header Authorization;
        proxy_pass http://$upstream;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_http_version 1.1;
        proxy_set_header Connection “”;
        proxy_buffering off;
        client_max_body_size 0;
        proxy_read_timeout 36000s;
        proxy_redirect off;
    }
    listen 80;
}


First, test if the above file passes the syntactical test:

 
sudo nginx -t

References

  1. eJonghe, D. (2017). NGINX cookbook : advanced recipes for operations(First edition. ed., pp. 1 online resource (1 volume)). Retrieved from https://go.oreilly.com/massachusetts-institute-of-technology-mit/library/view/-/9781492049098/?ar
  2. Edward S., How to Set Up an Nginx Reverse Proxy, Retrieved from https://www.hostinger.com/tutorials/how-to-set-up-nginx-reverse-proxy/
  3. The Mightywomble, How to set up Nginx reverse proxy with let’s encrypt, Retried from:https://medium.com/@mightywomble/how-to-set-up-nginx-reverse-proxy-with-lets-encrypt-8ef3fd6b79e5