NGINX

NGINX Configuration

Configure your reverse proxy

After configuring the docker file according to your needs and starting the corresponding docker container we recommend configuring a reverse proxy like nginx to forward the traffic of a certain domain to the correct ip and port as configured with the bind parameter. For nginx, this could look like this:

server {
        listen 80;
        server_name <your domain>;

        location / {
                proxy_pass http://127.0.0.1:8080;
	                         # the port you set in the docker-compose file with the
  			      # GUNICORN_CMD_ARGS environmental varialbe
        }
}

A similar configuration might be also necessary if you want to use your own S3 storage. Additionally, you should configure your reverse proxy for ssl encryption and forward the traffic on port 443 to the FURTHRmind server application.


Nginx configuration file for OnlyOffice

This is a working example configuration for nginx to connect to the onlyoffice installation.

#Use this example for proxy traffic to the document server running at 'backendserver-address'.

server {
  server_name <add your url to the server>;
  server_tokens off;
  
  location / {
    proxy_pass http://docservice;
    proxy_http_version 1.1;
  }
}

upstream docservice {
  server 127.0.0.1:8080;   
# the port where your onlyoffice installation is listening, can be 
# determined in your docker-compose file for your onlyoffice installation
}

map $http_host $this_host {
    "" $host;
    default $http_host;
}

map $http_x_forwarded_proto $the_scheme {
     default $http_x_forwarded_proto;
     "" $scheme;
}

map $http_x_forwarded_host $the_host {
    default $http_x_forwarded_host;
    "" $this_host;
}

map $http_upgrade $proxy_connection {
  default upgrade;
  "" close;
}

proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $proxy_connection;
proxy_set_header X-Forwarded-Host $the_host;
proxy_set_header X-Forwarded-Proto $the_scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

Nginx Configuration file for minio (S3 storage)


server {
        server_name <add your url to the server>;

        location / {
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;
                proxy_set_header Host $http_host;

                proxy_connect_timeout 300;
                # Default is HTTP/1, keepalive is only enabled in HTTP/1.1
                proxy_http_version 1.1;
                proxy_set_header Connection "";
                chunked_transfer_encoding off;
                proxy_pass http://127.0.0.1:9000;
        }
        client_max_body_size 10M;

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/metu-s3.furthrmind.app/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/metu-s3.furthrmind.app/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
    if ($host = metu-s3.furthrmind.app) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


        listen 80;
        server_name <add your url to the server>;
    return 404; # managed by Certbot


}