Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
AWS API Gateway Nginx Reverse Proxy
# NOTE
#
#
# Use sed on the instance up to replace the INSTANCE_ID and DNS_RESOLVER with the following commands
#
####################################################################################################
# Fetch the private IP for resolving DNS dynamically in nginx
# We also need to escape the `.` from it for usage in later sed
#
# DNS_RESOLVER=`grep nameserver /etc/resolv.conf | cut -d " " -f2 | sed 's/\./\\./g'`
# INSTANCE_ID=`curl http://169.254.169.254/latest/meta-data/instance-id`
# sed -i.bak "s/DNS_RESOLVER/$DNS_RESOLVER/" /etc/nginx/nginx.conf
# sed -i.bak "s/INSTANCE_ID/$INSTANCE_ID/" /etc/nginx/nginx.conf
####################################################################################################
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for" "$http_host" "$served_host$prefix"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
proxy_ssl_server_name on; # critical for SNI support
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf;
index index.html index.htm;
# Change mappings based on region and target API Gateway for Region
map $http_host $served_host {
api.example.com abcde12345.execute-api.us-east-2.amazonaws.com;
}
map $http_host $prefix {
default "";
api.example.com /prod;
us-east-2-api.example.com /prod;
}
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name localhost;
root /usr/share/nginx/html;
include /etc/nginx/default.d/*.conf;
location /_proxy/healthcheck {
return 200 '{"status": "ok", "message": "proxy is in service", "instance", "INSTANCE_ID"}';
add_header Content-Type application/json;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
location / {
resolver DNS_RESOLVER;
proxy_pass https://$served_host$prefix$uri$is_args$args;
proxy_set_header Host $served_host;
proxy_buffering off;
client_max_body_size 0;
proxy_read_timeout 600s;
proxy_redirect off;
}
}
}
@tanmaybaranwal

This comment has been minimized.

Copy link

@tanmaybaranwal tanmaybaranwal commented May 19, 2018

What would be these configuration modules include /usr/share/nginx/modules/*.conf; ? They aren't there by default.

@dszortyka

This comment has been minimized.

Copy link

@dszortyka dszortyka commented Dec 9, 2020

Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment