Repository

Looks good to me!

User Tools

Site Tools

Trace: nginx
topic:architecture:ported:nginx

https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/ 

sudo apt install apache2-utils
sudo htpasswd -c [LOCATION] [USERNAME]

Certbot 

sudo apt install certbot python3-certbot-nginx
sudo certbot --nginx

Need to read how `nginx` works from scratch. https://stackoverflow.com/questions/26921620/should-you-install-nginx-inside-docker

Good starting reference: http://nginx.org/en/docs/beginners_guide.html

Pending: New server - Review: https://starbeamrainbowlabs.com/blog/article.php?article=posts%2F237-WebDav-Nginx-Setup.html - https://www.robpeck.com/2020/06/making-webdav-actually-work-on-nginx/

Docker compose tutorial: https://adamtheautomator.com/docker-compose-tutorial/

https://www.nginx.com/blog/deploying-nginx-plus-as-an-api-gateway-part-1/

## Reverse proxy

When setting up `nginx` as a reverse proxy, it is a good idea to create proxy-specific headers. This is important if the proxy has a dynamic behaviour dependent on the host and IP address. An example set of headers can be found in this [guide](https://tumblr.intranation.com/post/766288369/using-nginx-reverse-proxy), to be placed in the `nginx` configuration file:

``` http { 

  # proxy settings
  proxy_redirect     off;
  proxy_set_header   Host             $host;
  proxy_set_header   X-Real-IP        $remote_addr;
  proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
  proxy_max_temp_file_size 0;
  proxy_connect_timeout      90;
  proxy_send_timeout         90;
  proxy_read_timeout         90;
  proxy_buffer_size          4k;
  proxy_buffers              4 32k;
  proxy_busy_buffers_size    64k;
  proxy_temp_file_write_size 64k;
  
  ...

} ```

Note that forwarding requests to the proxy does not require such granularity to work - the only requirement is to specify when and how to pass requests. In the following example, all requests to the `test.example.com` subdomain on port 443 (HTTPS) is passed to the `localhost` on port 8080 (HTTP). This is particularly useful to communicate directly with Docker applications.

``` server { 

  listen 443;
  server_name test.example.com;
  location / {
      proxy_pass http://127.0.0.1:8080;
      proxy_redirect off;
  }

} ```

If an "Insecure Connection" notification is raised on Chrome (despite the certificate being valid), changes are that the browser has aggressively cached the previous response (?) prior to setting up a HTTPS channel. Best to test and run your configuration in incognito mode.

## New CPU

- CPU: Intel i3-10110U CPU @ 2.10 GHz, 2 Core(s) - RAM: 8 GB (from Mac Mini) - Disk: Samsung SSD CM871 M.2 2280 128 GB - Disk: ST1000LM048-2E7172 1000 GB

topic/architecture/ported/nginx.txt · Last modified: 24 months ago ( 2 May 2023) by 127.0.0.1