documents/dev/nginx.md
Table of Contents
nginx
configure root folder
- Config file is usually
/etc/nginx/nginx.conf - In mac, it's
/usr/local/etc/nginx/nginx.conf - To use a local folder, change
user www-data;touser dominick; - Under
/etc/nginx/sites-enabled/default
Mac server configuration:
- Basic auth file location:
/usr/local/etc/nginx/.htpasswd - Username:
dom - Password:
cannon
serve folder
server {
listen 80;
server_name localhost;
root /home/dominick/Work;
index index.php index.html index.htm index.nginx-debian.html;
location / {
autoindex on;
}
}
Proxy
Server {
Listen 80 default_server;
listen [::]:80 default_server;
Location / { proxy_pass http://localhost:8080; }
}
server {
listen 80;
server_name some.domain.com;
location / { proxy_pass http://localhost:3000; }
}
#For websockets…
location / {
proxy_pass http://localhost:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
}
Proxy with Basic Auth (PWA-friendly)
When using basic auth with a PWA, exclude PWA resources from authentication so Chrome can validate installability:
server {
listen 443 ssl;
server_name your-domain.com;
# SSL configuration...
# PWA resources - NO auth required
location ~ ^/(public/manifest\.json|service-worker\.js|public/icons/) {
auth_basic off;
proxy_pass http://localhost:3007;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
# Everything else - requires auth
location / {
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/.htpasswd;
proxy_pass http://localhost:3007;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
Important: Chrome's automatic installability checks need unauthenticated access to:
/public/manifest.json/service-worker.js/public/icons/*(all icon files)