Created
July 14, 2019 01:43
-
-
Save heesoo/0f13657dc3745c19cff55f582b70bd0b to your computer and use it in GitHub Desktop.
Nginx Reverse Proxy Subpath for Jupyter
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # setting up upstream to Jupyter running on port 8889 | |
| upstream notebook { | |
| server localhost:8889; | |
| keepalive 32; | |
| } | |
| server { | |
| root /var/www/html; | |
| # Add index.php to the list if you are using PHP | |
| index index.html index.htm index.nginx-debian.html; | |
| server_name YOURDOMAIN.com; # managed by Certbot | |
| location / { | |
| # First attempt to serve request as file, then | |
| # as directory, then fall back to displaying a 404. | |
| try_files $uri $uri/ =404; | |
| } | |
| location = /notebook { | |
| rewrite ^/(.*)$ $1/ permanent; | |
| } | |
| location /notebook { | |
| error_page 403 = @proxy_notebook; | |
| deny 127.0.0.1; | |
| allow all; | |
| # set a webroot, if there is one | |
| root /some-webroot; | |
| try_files $uri @proxy_notebook; | |
| } | |
| location @proxy_notebook { | |
| proxy_read_timeout 300s; | |
| proxy_pass http://notebook; | |
| proxy_set_header X-Real-Ip $remote_addr; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| } | |
| location ~ /notebook/api/kernels/ { | |
| proxy_pass http://notebook; | |
| proxy_set_header Host $host; | |
| # websocket support | |
| proxy_http_version 1.1; | |
| proxy_set_header Upgrade "websocket"; | |
| proxy_set_header Connection "Upgrade"; | |
| proxy_read_timeout 86400; | |
| } | |
| location ~ /notebook/terminals/ { | |
| proxy_pass http://notebook; | |
| proxy_set_header Host $host; | |
| # websocket support | |
| proxy_http_version 1.1; | |
| proxy_set_header Upgrade "websocket"; | |
| proxy_set_header Connection "Upgrade"; | |
| proxy_read_timeout 86400; | |
| } | |
| listen [::]:443 ssl ipv6only=on; # managed by Certbot | |
| listen 443 ssl; # managed by Certbot | |
| ssl_certificate /etc/letsencrypt/live/YOURDOMAIN.com/fullchain.pem; # managed by Certbot | |
| ssl_certificate_key /etc/letsencrypt/live/YOURDOMAIN.com/privkey.pem; # managed by Certbot | |
| include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot | |
| ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot | |
| } | |
| server { | |
| if ($host = YOURDOMAIN.com) { | |
| return 301 https://$host$request_uri; | |
| } # managed by Certbot | |
| listen 80 ; | |
| listen [::]:80 ; | |
| server_name YOURDOMAIN.com; | |
| return 404; # managed by Certbot | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment