Created
January 31, 2017 13:12
-
-
Save TechplexEngineer/5cd954e1b2cfb1549164ac84c0a2a4bb to your computer and use it in GitHub Desktop.
Sample NGINX configuration showing how to proxy meteor and enable letsencrypt webroot renewal
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Dev server configuration | |
| # | |
| server_tokens off; # for security-by-obscurity: stop displaying nginx version | |
| # this section is needed to proxy web-socket connections | |
| map $http_upgrade $connection_upgrade { | |
| default upgrade; | |
| '' close; | |
| } | |
| upstream app_name { | |
| ip_hash; # for sticky sessions, more below | |
| server 192.168.1.100:3000; # server 1 | |
| } | |
| server { | |
| listen 80; | |
| server_name example.com; | |
| # and all other "server" directives | |
| location ^~ /.well-known/acme-challenge { | |
| alias /var/www/html/.well-known/acme-challenge/; | |
| } | |
| location / { | |
| # the "hostname" below must be same {{app_name}} from upstream directive above | |
| proxy_pass http://app_name; | |
| # and all other "location" directives | |
| proxy_http_version 1.1; | |
| proxy_set_header Upgrade $http_upgrade; # allow websockets | |
| proxy_set_header Connection $connection_upgrade; | |
| proxy_set_header X-Forwarded-For $remote_addr; # preserve client IP | |
| # this setting allows the browser to cache the application in a way compatible with Meteor | |
| # on every applicaiton update the name of CSS and JS file is different, so they can be cache infinitely (here: 30 days) | |
| # the root path (/) MUST NOT be cached | |
| if ($uri != '/') { | |
| expires 30d; | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment