-
Notifications
You must be signed in to change notification settings - Fork 16
Proxying Nunaliit with NGINX
Optionally configuring NGINX as a reverse proxy virtual host (after installing Nunaliit and creating an atlas)
Note: Ideally Nunaliit should be behind SSL to enable better security and in-browser audio and video recording. Please update this doc if you know how to set that up with NGINX
sudo apt install -y nginx
Create a configuration definition file in /etc/nginx/sites-available/ (make sure it looks something like 001-example.io) and add something like the following to it (adjust for your atlas hostname, nunaliit port, directory path, etc.):
server {
listen 80 default_server;
location / {
proxy_pass http://127.0.0.1:8080;
}
}
Note that this file can also be placed in /etc/nginx/conf.d/ and named sometime like 001-example.conf. If this pattern is followed no link need be created (the step after this one).
See the NGINX docs for more info: https://www.nginx.com/resources/admin-guide/reverse-proxy/
ln -s /etc/nginx/sites-available/001-example.io /etc/nginx/sites-enabled
sudo service nginx configtest
sudo service nginx reload
In order to put a site behind NGINX basic authentication, you will need to do a couple additional things.
Create an htaccess password file.
Add directives to your nginx config file similar to the following.
server {
listen 80 default_server;
location / {
proxy_pass http://127.0.0.1:8080;
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/htpasswd;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Authorization "";
add_header X-Auth-CouchDB-UserName $remote_user;
}
}
See the NGINX basic auth doc for more info: https://www.nginx.com/resources/admin-guide/restricting-access-auth-basic/