Walkthrough for creating reverse proxy with nginx

Please I need a complete and succinct walkthrough for creating a reverse proxy with Nginx and finally securing it with letsencypt’s certbort.
I am working on an Ubuntu 20.04 server, and I have been able to deploy the cms but got stuck at the whole reverse proxy thing, as all the instructions in the Xibo manual are for apache

I am using the docker-compose installation. I have done the port changes to the cms_custom-ports.yml file.

Until I get a great answer, right now my only way of working on the cms is to restore the cms_custom-ports.yml file to defaults, and also kill Nginx so port 80 is free, else I will keep getting a PHP info page.
Please what next do I do?, so everything runs fine with Nginx
I need an answer soon
thank you

There’s not really anything special about configuring a reverse proxy for Xibo with nginx.

There’s loads of great guides out there for using nginx as a reverse proxy, and using LetsEncrypt with nginx as well, so writing those in full is outside the scope of what we can support.

The key things you need to ensure are:

  1. The Host header is passed through to Xibo in full
  2. X-Forwarded-For and X-Forwarded-Proto headers are set by the proxy. The latter should be either http or https depending on what protocol the request arrived at the proxy using.
  3. You don’t redirect http connections to https automatically. If you want to do that, use the setting in Xibo to do it rather than having the proxy do the redirect.

Broadly speaking you want something like:

location / {
    proxy_pass    ;
    proxy_set_header        Host                    $host;
    proxy_set_header        X-Forwarded-For         $proxy_add_x_forwarded_for;
    proxy_set_header        X-Forwarded-Proto       $scheme;
    client_max_body_size 4G;

Once you have that working for http then you can add https.

In my view though, it’s far easier if you’re running the CMS in Docker to also run the reverse proxy in Docker, and then if you use something like nginx-proxy all this is automated for you, including the SSL with LetsEncrypt. The only thing you’d need to add is the client_max_body setting which you can do with a per-vhost configuration file.

1 Like

Thank you very much Alex I would work on getting this fixed, probably will start with using that github repository you linked

Will label this as solved once i get it working.

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.