Installing and configuration of Nginx Web/(Reverse proxy) server in ubuntu

5 Min. Read
Aug 20, 2018

 Nginx Install Configuration Ruby On Rails

Installation

Install 769x430

First you will have to install ubuntu,

1
$ sudo apt install nginx

this will install the software and it will generate default configurations in /etc/nginx/sites-available folder. You can see those files there. You can modify the default.conf file.

For configuration, two folders are important and are out-of-the-box created by nginx; var/nginx/sites-available and var/nginx/sites-enabled. Draft configurations are to be placed in sites-available directory and to publish either they are to be copied or symlinked to sites-enabled directory.

Default conf is

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
# Default server configuration
#
server {
        listen 80 default_server;
        listen [::]:80 default_server;

        # SSL configuration
        #
        # listen 443 ssl default_server;
        # listen [::]:443 ssl default_server;
        #
        # Note: You should disable gzip for SSL traffic.
        # See: https://bugs.debian.org/773332
        #
        # Read up on ssl_ciphers to ensure a secure configuration.
        # See: https://bugs.debian.org/765782
        #
        # Self signed certs generated by the ssl-cert package
        # Don't use them in a production server!
        #
        # include snippets/snakeoil.conf;

        root /var/www/html;

        # Add index.php to the list if you are using PHP
        index index.html index.htm index.nginx-debian.html;

        server_name _;

        location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
                try_files $uri $uri/ =404;
        }

        # pass PHP scripts to FastCGI server
        #
        #location ~ \.php$ {
        #       include snippets/fastcgi-php.conf;
        #
        #       # With php-fpm (or other unix sockets):
        #       fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
        #       # With php-cgi (or other tcp sockets):
        #       fastcgi_pass 127.0.0.1:9000;
        #}

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #       deny all;
        #}
}


# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
#server {
#       listen 80;
#       listen [::]:80;
#
#       server_name example.com;
#
#       root /var/www/example.com;
#       index index.html;
#
#       location / {
#               try_files $uri $uri/ =404;
#       }
#}

Configuration for HTTP

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
# /etc/nginx/sites-available/myrailsapp.conf
server {

    listen 80;
    listen [::]:80;

    server_name myrailsapp.ideabreed.net;

    # Make sure static assets in public dir is served by Nginx
    # Static assets are better served by HTTP servers, make sure you have configured your rails
    #  app accordingly. Rails 5 comes with default configuration to let nginx server static assets.
    #  see production.rb file.
    root /var/www/myrailsapp/public;

    try_files $uri/index.html $uri @app;

    location @app {
        proxy_pass http://localhost:40;

        # HTTP header info need to be passed to the rails-app-server so that it can verify the
        #  credibility of the request. Otherwise rails will reject all the form submissions.
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_redirect off;
    }

    error_page 500 502 503 504 /500.html;
    client_max_body_size 4G;
    keepalive_timeout 10;

}

For this you need to make sure your rails app is running on port 40 or similar.


Configuration for HTTPS with SSL

Http

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
server {
    server_name myrailsapp.ideabreed.net;


    # Make sure static assets in public dir is served by Nginx
    # Static assets are better served by HTTP servers, make sure you have configured your rails
    #  app accordingly. Rails 5 comes with default configuration to let nginx server static assets.
    #  see production.rb file.
    root /var/www/production/myrailsapp/public;

    try_files $uri/index.html $uri @app;

    location @app {
        proxy_pass http://localhost:40;


        # HTTP header info need to be passed to the rails-app-server so that it can verify the
        #  credibility of the request. Otherwise rails will reject all the form submissions.

        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-Proto https;
        proxy_redirect off;
    }

    error_page 500 502 503 504 /500.html;
    client_max_body_size 4G;
    keepalive_timeout 10;


    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/ideabreed.net/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/ideabreed.net/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}


# Permanently redirecting HTTP requests to HTTPS
server {
    if ($host = myrailsapp.ideabreed.net) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    listen 80;
    server_name myrailsapp.ideabreed.net;
    return 404; # managed by Certbot
}

Publish the configuration

Online publishing tools Create a symlink of the conf file to sites-enabled

1
ln -s /etc/nginx/sites-available/myrailsapp.conf /etc/nginx/sites-enabled/myrailsapp.conf  -f

Restart the nginx server

1
 sudo systemctl restart nginx

HTTPS Configuration with CertBot

Certbot logo 1a

Go to https://certbot.eff.org and select your HTTP server(eg. nginx) and OS(eg. Ubuntu 18.04).

This will re-fetch relevant info for your context. Scroll down and see how to install certbot in your machine.

Auto renewal Every Year

1
certbot --dry-run

You might also like

You will get to know how to install and configure nginx to serve multiple rails app from the same server.
Read More..


Write To Me

Hire me shiva bhusal
We'll never share your email with anyone else.
I'll never share your email with anyone else.