documentation/Nginx-Reverse-Proxy-Configuration.md

29 lines
No EOL
1,001 B
Markdown

This is a very basic nginx reverse proxy config, secured with Let's Encrypt. Do not forget to replace ServerName with your domain and make sure you are redirecting `proxy_pass` to the correct port.
```
# This first block redirects non-HTTPS traffic to secure port 443. Optional, but recommended.
server {
listen 80;
listen [::]:80;
server_name invidious.domain.tld;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name invidious.domain.tld;
ssl_certificate /etc/letsencrypt/live/invidious.domain.tld/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/invidious.domain.tld/privkey.pem;
location / {
proxy_pass http://127.0.0.1:3000/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
```