Skip to content

Instantly share code, notes, and snippets.

@jerowe

jerowe/gist:353cf0d40bd93ed91671

Last active January 3, 2019 13:01
Show Gist options
  • Save jerowe/353cf0d40bd93ed91671 to your computer and use it in GitHub Desktop.
Save jerowe/353cf0d40bd93ed91671 to your computer and use it in GitHub Desktop.
Download ZIP
Perl Catalyst with Ngninx and SSL
Raw
gistfile1.md

Nginx config

make a directory /etc/nginx/include.d

in /etc/nginx/conf.d/default.conf

#
# The default server
#
server {
    listen       80 default_server;
    server_name myhost.com myhost;
    rewrite ^/(.*) https://myhost.com/$1 permanent;

    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
    }

    error_page  404              /404.html;
    location = /404.html {
        root   /usr/share/nginx/html;
    }

    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }
}

server {
    listen 443;

    ssl on;

    ssl_certificate /etc/pki/tls/certs/myhost.crt;
    ssl_certificate_key /etc/pki/tls/certs/myhost.key;

    ssl_session_timeout  5m;
    ssl_protocols  SSLv2 SSLv3 TLSv1;
    ssl_ciphers  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
    ssl_prefer_server_ciphers   on;

    root /var/www/myhost;
    access_log /var/log/nginx/myhost.access.ssl.log main;
    error_log /var/log/nginx/myhost.error.ssl.log info;

    client_max_body_size 4G;
    keepalive_timeout 10;

###########################
# Static Content
###########################

#Still figuring this out

###########################
# Catalyst Apps
###########################

include /etc/nginx/include.d/myapp1.conf

}

in /etc/nginx/include.d/myapp1.conf

#MyApp1

    location /myapp1/ { # Or, simply "location /"
        proxy_pass  http://localhost:8080/;
        proxy_redirect http://localhost:8080/ /myapp1;

        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-Host $http_host/myapp1;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for/myapp1;
        proxy_set_header X-Forwarded-Proto https; 
    }

# Within catalyst I have my skeleton set up as 
# MyApp/root/myapp/{static,src}

    location /myapp1/static
    {
        alias /var/www/MyApp1/root/myapp1/static; 
    }

Catalyst config

in MyApp/lib/MyApp

use CatalystX::RoleApplicator;

extends 'Catalyst';

__PACKAGE__->config->{using_frontend_proxy} = 1;
__PACKAGE__->config->{"X-Forwarded-Port"} = 443;

 __PACKAGE__->apply_request_class_roles(qw/
    Catalyst::TraitFor::Request::ProxyBase
/);

__PACKAGE__->setup();

Acknowledgements

This module was originally developed at and for Weill Cornell Medical College in Qatar within ITS Advanced Computing Team. With approval from WCMC-Q, this information was generalized and put on github, for which the authors would like to express their gratitude.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment