-
-
Save amos-kibet/d26ed162fdfbc2c58aaa365b30b571f9 to your computer and use it in GitHub Desktop.
Serve nextJS app from a port through NGINX reverse proxy HTTP and HTTPS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Serve nextJS app from a port through NGINX reverse proxy (HTTP) | |
# Path: /etc/nginx/sites-available/default | |
# Default server configuration for HTTP | |
server { | |
server_name www.DOMAINNAME.com DOMAINNAME.com; | |
# Serve any static assets with NGINX | |
location /_next/static { | |
alias /home/ubuntu/PROJECT_FOLDER/.next/static; | |
add_header Cache-Control "public, max-age=3600, immutable"; | |
} | |
location / { | |
try_files $uri.html $uri/index.html # only serve html files from this dir | |
@public | |
@nextjs; | |
add_header Cache-Control "public, max-age=3600"; | |
} | |
location @public { | |
add_header Cache-Control "public, max-age=3600"; | |
} | |
location @nextjs { | |
# reverse proxy for next server | |
proxy_pass http://localhost:8080; #Don't forget to update your port number | |
proxy_http_version 1.1; | |
proxy_set_header Upgrade $http_upgrade; | |
proxy_set_header Connection 'upgrade'; | |
proxy_set_header Host $host; | |
proxy_cache_bypass $http_upgrade; | |
} | |
listen 80 default_server; | |
listen [::]:80; | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Serve nextJS app from a port through NGINX reverse proxy (HTTPS) | |
# Path: /etc/nginx/sites-available/default | |
# Default server configuration for HTTPS | |
server { | |
server_name www.DOMAINNAME.com DOMAINNAME.com; | |
# Serve any static assets with NGINX | |
location /_next/static { | |
alias /home/ubuntu/PROJECT_FOLDER/.next/static; | |
add_header Cache-Control "public, max-age=3600, immutable"; | |
} | |
location / { | |
try_files $uri.html $uri/index.html # only serve html files from this dir | |
@public | |
@nextjs; | |
add_header Cache-Control "public, max-age=3600"; | |
} | |
location @public { | |
add_header Cache-Control "public, max-age=3600"; | |
} | |
location @nextjs { | |
# reverse proxy for next server | |
proxy_pass http://localhost:8080; #Don't forget to update your port number | |
proxy_http_version 1.1; | |
proxy_set_header Upgrade $http_upgrade; | |
proxy_set_header Connection 'upgrade'; | |
proxy_set_header Host $host; | |
proxy_cache_bypass $http_upgrade; | |
} | |
listen [::]:443 ssl ipv6only=on; | |
listen 443 ssl default_server; | |
# Update with your SSL files. This is certbot genrated SSL details | |
# Steps to generate cerbot SSL https://certbot.eff.org/lets-encrypt/ubuntufocal-nginx | |
ssl_certificate /etc/letsencrypt/live/SOME_PROJECT_NAME/fullchain.pem; | |
ssl_certificate_key /etc/letsencrypt/live/SOME_PROJECT_NAME/privkey.pem; | |
include /etc/letsencrypt/options-ssl-nginx.conf; | |
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; | |
} | |
server { | |
if ($host = www.DOMAINNAME.com) { | |
return 301 https://$host$request_uri; | |
} | |
if ($host = DOMAINNAME.com) { | |
return 301 https://$host$request_uri; | |
} | |
listen 80 ; | |
listen [::]:80 ; | |
server_name www.DOMAINNAME.com DOMAINNAME.com; | |
return 301 https://$host$request_uri; | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Test Nginx config | |
sudo nginx -t | |
# If you got error then just delete the log.txt file then | |
sudo nginx -s reload | |
# Status | |
sudo systemctl status nginx | |
# start | |
sudo systemctl start nginx | |
# Restart | |
sudo systemctl restart nginx | |
# Stop | |
sudo systemctl stop nginx | |
# Nginx Security | |
sudo ufw app list | |
sudo ufw allow 'Nginx Full' | |
# Port verification | |
sudo lsof -i TCP:80 | |
#for SSH | |
# https://www.nginx.com/blog/using-free-ssltls-certificates-from-lets-encrypt-with-nginx/ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment