Documentation nginx configuration #1
Description
$ less /etc/nginx/sites-available/default
upstream solid-community-server {
server 127.0.0.1:3000;
}
server {
listen 80;
listen [::]:80;
server_name teamid.live;
server_tokens off; ## Don't show the nginx version number, a security best practice
return 301 https://$http_host$request_uri;
}
# Proxy traffic for https://solid.example/ to http://localhost:3000/
server {
server_name teamid.live;
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /etc/letsencrypt/archive/teamid.live/fullchain5.pem;
ssl_certificate_key /etc/letsencrypt/archive/teamid.live/privkey5.pem;
ssl_trusted_certificate /etc/letsencrypt/live/teamid.live/lets-encrypt-x3-cross-signed.pem;
#rewrite ^/$ somewhereelse/index.html permanent;
access_log /var/log/nginx/css_ssl_access.log;
error_log /var/log/nginx/css_ssl_error.log;
# Include this for certificate renewal if you are using Let's Encrypt
include snippets/https.conf;
location ^~ /.well-known/acme-challenge/ {
root /var/www/teamid.live; # or a folder of your choice
}
# Proxy all other trafic to the Solid server
location / {
# Delegate to the Solid server, passing the original host and protocol
proxy_pass http://solid-community-server$request_uri;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
# Pass these headers from the Solid server back to the client
proxy_pass_header Server;
proxy_pass_header Set-Cookie;
# Enable Websocket support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}