Last active
September 9, 2020 19:49
-
-
Save JeDaYoshi/cd7378dc7275ee3d617195665f62e58e to your computer and use it in GitHub Desktop.
nginx example configuration for Cryb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# example config for reverse proxy in nginx for Cryb | |
# change cryb.app for your domain | |
# also make a SSL certificate that applies either to all of your subdomains or cryb.app and *.cryb.app | |
# also setup your server to forward HTTP requests to HTTPS, if you want to keep that. | |
# - jeda.im | |
# default config - use this if you're dedicating your web | |
# server for Cryb, or edit as your convenience | |
server { | |
listen 80 default_server; | |
listen 443 ssl http2 default_server; | |
listen [::]:80 default_server; | |
listen [::]:443 ssl http2 default_server; | |
ssl_certificate /etc/ssl/acme.sh/cryb.app.crt; | |
ssl_certificate_key /etc/ssl/acme.sh/cryb.app.key; | |
server_name www.cryb.app; | |
return 301 https://cryb.app$request_uri; | |
} | |
# @cryb/web | |
server { | |
listen 443 ssl http2; | |
listen [::]:443 ssl http2; | |
ssl_certificate /etc/ssl/acme.sh/cryb.app.crt; | |
ssl_certificate_key /etc/ssl/acme.sh/cryb.app.key; | |
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; | |
server_name cryb.app; | |
location / { | |
proxy_pass http://localhost:3000; | |
proxy_set_header Host $http_host; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header X-Forwarded-Proto $scheme; | |
} | |
} | |
# @cryb/api | |
server { | |
listen 443 ssl http2; | |
listen [::]:443 ssl http2; | |
ssl_certificate /etc/ssl/acme.sh/cryb.app.crt; | |
ssl_certificate_key /etc/ssl/acme.sh/cryb.app.key; | |
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; | |
server_name api.cryb.app; | |
location / { | |
proxy_pass http://localhost:4000; | |
proxy_set_header Host $http_host; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header X-Forwarded-Proto $scheme; | |
proxy_set_header Upgrade $http_upgrade; | |
proxy_set_header Connection "Upgrade"; | |
proxy_cache_bypass $http_upgrade; | |
proxy_connect_timeout 7d; | |
proxy_send_timeout 7d; | |
proxy_read_timeout 7d; | |
} | |
} | |
# @cryb/portals | |
server { | |
listen 443 ssl http2; | |
listen [::]:443 ssl http2; | |
ssl_certificate /etc/ssl/acme.sh/cryb.app.crt; | |
ssl_certificate_key /etc/ssl/acme.sh/cryb.app.key; | |
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; | |
server_name portals.cryb.app; | |
location / { | |
proxy_pass http://localhost:5000; | |
proxy_set_header Host $http_host; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header X-Forwarded-Proto $scheme; | |
proxy_set_header Upgrade $http_upgrade; | |
proxy_set_header Connection "Upgrade"; | |
proxy_connect_timeout 7d; | |
proxy_send_timeout 7d; | |
proxy_read_timeout 7d; | |
} | |
} | |
# @cryb/aperture | |
server { | |
listen 443 ssl http2; | |
listen [::]:443 ssl http2; | |
ssl_certificate /etc/ssl/acme.sh/cryb.app.crt; | |
ssl_certificate_key /etc/ssl/acme.sh/cryb.app.key; | |
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; | |
server_name aperture.cryb.app; | |
location / { | |
proxy_pass http://localhost:9001; | |
proxy_set_header Host $http_host; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header X-Forwarded-Proto $scheme; | |
proxy_connect_timeout 7d; | |
proxy_send_timeout 7d; | |
proxy_read_timeout 7d; | |
} | |
} | |
# @cryb/aperture (streaming) - people seem to be having issue with this one | |
server { | |
listen 443 ssl http2; | |
listen [::]:443 ssl http2; | |
ssl_certificate /etc/ssl/acme.sh/cryb.app.crt; | |
ssl_certificate_key /etc/ssl/acme.sh/cryb.app.key; | |
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; | |
server_name streaming.cryb.app; | |
location / { | |
proxy_pass http://localhost:9000; | |
proxy_set_header Host $http_host; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_connect_timeout 7d; | |
proxy_send_timeout 7d; | |
proxy_read_timeout 7d; | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# example config for reverse proxy in nginx for Cryb without SSL | |
# change cryb.app for your domain | |
# this isn't recommended, but provided for completeness | |
# - jeda.im | |
# default config - use this if you're dedicating your web | |
# server for Cryb, or edit as your convenience | |
server { | |
listen 80 default_server; | |
listen [::]:80 default_server; | |
server_name www.cryb.app; | |
return 301 http://cryb.app$request_uri; | |
} | |
# @cryb/web | |
server { | |
listen 80; | |
listen [::]:80; | |
server_name cryb.app; | |
location / { | |
proxy_pass http://localhost:3000; | |
proxy_set_header Host $http_host; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header X-Forwarded-Proto $scheme; | |
} | |
} | |
# @cryb/api | |
server { | |
listen 80; | |
listen [::]:80; | |
server_name api.cryb.app; | |
location / { | |
proxy_pass http://localhost:4000; | |
proxy_set_header Host $http_host; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header X-Forwarded-Proto $scheme; | |
proxy_set_header Upgrade $http_upgrade; | |
proxy_set_header Connection "Upgrade"; | |
proxy_cache_bypass $http_upgrade; | |
proxy_connect_timeout 7d; | |
proxy_send_timeout 7d; | |
proxy_read_timeout 7d; | |
} | |
} | |
# @cryb/portals | |
server { | |
listen 80; | |
listen [::]:80; | |
server_name portals.cryb.app; | |
location / { | |
proxy_pass http://localhost:5000; | |
proxy_set_header Host $http_host; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header X-Forwarded-Proto $scheme; | |
proxy_set_header Upgrade $http_upgrade; | |
proxy_set_header Connection "Upgrade"; | |
proxy_connect_timeout 7d; | |
proxy_send_timeout 7d; | |
proxy_read_timeout 7d; | |
} | |
} | |
# @cryb/aperture | |
server { | |
listen 80; | |
listen [::]:80; | |
server_name aperture.cryb.app; | |
location / { | |
proxy_pass http://localhost:9001; | |
proxy_set_header Host $http_host; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header X-Forwarded-Proto $scheme; | |
proxy_connect_timeout 7d; | |
proxy_send_timeout 7d; | |
proxy_read_timeout 7d; | |
} | |
} | |
# @cryb/aperture (streaming) - people seem to be having issue with this one | |
server { | |
listen 80; | |
listen [::]:80; | |
server_name streaming.cryb.app; | |
location / { | |
proxy_pass http://localhost:9000; | |
proxy_set_header Host $http_host; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_connect_timeout 7d; | |
proxy_send_timeout 7d; | |
proxy_read_timeout 7d; | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment