Configuring nginx as a proxy for CoD4x Webadmin Application


  • Administrators

    Cod4x WebAdmin by default runs on port 3000, meaning that builds are usually accessed using a port number in addition to their hostname (e.g. http://example.org:3000)

    In order to allow Cod4x WebAdmin to be served without a port, nginx can be set up to proxy all requests to a particular hostname (or subdomain) to an upstream Cod4x WebAdmin build running on any port.

    Requirements

    *NGINX version v1.3.13 or greater

    To determine your nginx version, execute nginx -V in a shell

    Configuration

    NGINX-served sites are contained in a server block. This block of options goes in a specific place based on how nginx was installed and configured:

    • /path/to/nginx/sites-available/* -- files here must be aliased to ../sites-enabled
    • /path/to/nginx/conf.d/*.conf -- filenames must end in .conf
    • /path/to/nginx/httpd.conf -- if all else fails

    Below is the basic nginx configuration for a Cod4x WebAdmin build running on port 3000:

    server {
        listen 80;
    
        server_name forum.example.org;
    
    	    location / {
    	        proxy_set_header X-Real-IP $remote_addr;
    	        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    	        proxy_set_header X-Forwarded-Proto $scheme;
    	        proxy_set_header Host $http_host;
    	        proxy_set_header X-NginX-Proxy true;
    
    	        proxy_pass http://127.0.0.1:3000;
    	        proxy_redirect off;
    
    	        # Socket.IO Support
    	        proxy_http_version 1.1;
    	        proxy_set_header Upgrade $http_upgrade;
    	        proxy_set_header Connection "upgrade";
    	    }
    	}
    

    Below is an nginx configuration which uses SSL.

    ### redirects http requests to https
        server {
            listen 80;
            server_name example.org;
        
            return 302 https://$server_name$request_uri;
        }
        
        ### the https server
        server {
            # listen on ssl, deliver with speedy if possible
            listen 443 ssl spdy;
        
            server_name example.org;
        
            # change these paths!
            ssl_certificate /path/to/cert/bundle.crt;
            ssl_certificate_key /path/to/cert/example.org.key;
        
            # enables all versions of TLS, but not SSLv2 or 3 which are weak and now deprecated.
            ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        
            # disables all weak ciphers
            ssl_ciphers 'AES128+EECDH:AES128+EDH';
        
            ssl_prefer_server_ciphers on;
        
            location / {
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;
                proxy_set_header Host $http_host;
                proxy_set_header X-NginX-Proxy true;
        
                proxy_pass http://127.0.0.1:3000;  # no trailing slash
                proxy_redirect off;
        
                # Socket.IO Support
                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "upgrade";
            }
        }
    

Log in to reply
 

480
107
90
Visitors Today
Powered & Designed by NeHo