I do not edit nginx core conf files, instead I added a conf file in conf.d
This is my proxy setup for my nodeBB instance. My nodeBB is only another VM instead of on the same as NginX, so I have a internal IP listed in there for the redirect instead of 127.0.0.1 loopback.
# /etc/nginx/conf.d/obelisk.daerma.com.conf
server {
client_max_body_size 40M;
listen 443 ssl;
server_name obelisk.daerma.com;
ssl on;
ssl_certificate /etc/letsencrypt/live/daerma.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/daerma.com/privkey.pem;
ssl_stapling on;
ssl_stapling_verify on;
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://10.254.0.106:4567;
proxy_redirect off;
# Socket.IO Support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
server {
client_max_body_size 40M;
listen 80;
server_name obelisk.daerma.com;
rewrite ^ https://$server_name$request_uri? permanent;
}