Skip to content

Instantly share code, notes, and snippets.

@JeDaYoshi
Last active September 9, 2020 19:49
Show Gist options
  • Save JeDaYoshi/cd7378dc7275ee3d617195665f62e58e to your computer and use it in GitHub Desktop.
Save JeDaYoshi/cd7378dc7275ee3d617195665f62e58e to your computer and use it in GitHub Desktop.
nginx example configuration for Cryb
# example config for reverse proxy in nginx for Cryb
# change cryb.app for your domain
# also make a SSL certificate that applies either to all of your subdomains or cryb.app and *.cryb.app
# also setup your server to forward HTTP requests to HTTPS, if you want to keep that.
# - jeda.im
# default config - use this if you're dedicating your web
# server for Cryb, or edit as your convenience
server {
listen 80 default_server;
listen 443 ssl http2 default_server;
listen [::]:80 default_server;
listen [::]:443 ssl http2 default_server;
ssl_certificate /etc/ssl/acme.sh/cryb.app.crt;
ssl_certificate_key /etc/ssl/acme.sh/cryb.app.key;
server_name www.cryb.app;
return 301 https://cryb.app$request_uri;
}
# @cryb/web
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /etc/ssl/acme.sh/cryb.app.crt;
ssl_certificate_key /etc/ssl/acme.sh/cryb.app.key;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
server_name cryb.app;
location / {
proxy_pass http://localhost:3000;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
# @cryb/api
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /etc/ssl/acme.sh/cryb.app.crt;
ssl_certificate_key /etc/ssl/acme.sh/cryb.app.key;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
server_name api.cryb.app;
location / {
proxy_pass http://localhost:4000;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_cache_bypass $http_upgrade;
proxy_connect_timeout 7d;
proxy_send_timeout 7d;
proxy_read_timeout 7d;
}
}
# @cryb/portals
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /etc/ssl/acme.sh/cryb.app.crt;
ssl_certificate_key /etc/ssl/acme.sh/cryb.app.key;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
server_name portals.cryb.app;
location / {
proxy_pass http://localhost:5000;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_connect_timeout 7d;
proxy_send_timeout 7d;
proxy_read_timeout 7d;
}
}
# @cryb/aperture
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /etc/ssl/acme.sh/cryb.app.crt;
ssl_certificate_key /etc/ssl/acme.sh/cryb.app.key;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
server_name aperture.cryb.app;
location / {
proxy_pass http://localhost:9001;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 7d;
proxy_send_timeout 7d;
proxy_read_timeout 7d;
}
}
# @cryb/aperture (streaming) - people seem to be having issue with this one
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /etc/ssl/acme.sh/cryb.app.crt;
ssl_certificate_key /etc/ssl/acme.sh/cryb.app.key;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
server_name streaming.cryb.app;
location / {
proxy_pass http://localhost:9000;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 7d;
proxy_send_timeout 7d;
proxy_read_timeout 7d;
}
}
# example config for reverse proxy in nginx for Cryb without SSL
# change cryb.app for your domain
# this isn't recommended, but provided for completeness
# - jeda.im
# default config - use this if you're dedicating your web
# server for Cryb, or edit as your convenience
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name www.cryb.app;
return 301 http://cryb.app$request_uri;
}
# @cryb/web
server {
listen 80;
listen [::]:80;
server_name cryb.app;
location / {
proxy_pass http://localhost:3000;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
# @cryb/api
server {
listen 80;
listen [::]:80;
server_name api.cryb.app;
location / {
proxy_pass http://localhost:4000;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_cache_bypass $http_upgrade;
proxy_connect_timeout 7d;
proxy_send_timeout 7d;
proxy_read_timeout 7d;
}
}
# @cryb/portals
server {
listen 80;
listen [::]:80;
server_name portals.cryb.app;
location / {
proxy_pass http://localhost:5000;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_connect_timeout 7d;
proxy_send_timeout 7d;
proxy_read_timeout 7d;
}
}
# @cryb/aperture
server {
listen 80;
listen [::]:80;
server_name aperture.cryb.app;
location / {
proxy_pass http://localhost:9001;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 7d;
proxy_send_timeout 7d;
proxy_read_timeout 7d;
}
}
# @cryb/aperture (streaming) - people seem to be having issue with this one
server {
listen 80;
listen [::]:80;
server_name streaming.cryb.app;
location / {
proxy_pass http://localhost:9000;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 7d;
proxy_send_timeout 7d;
proxy_read_timeout 7d;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment