Install Nginx as a Reverse Proxy on Fedora 27
-
@eddiejennings Correct.
-
@JaredBusch This is from the Nginx website under pitfalls and common mistakes. I read that return's are much faster than rewrites due to not needing to evaluate RegEx(?) which is why you see return listed as a better option. I know you use rewrite and there's a lot you know that I don't so I was just wondering why that is your preference
-
@jaredbusch said in Install Nginx as a Reverse Proxy on Fedora 27:
certbot --nginx -n --email [email protected] --agree-tos --domains nc.domain.comAdding
--redirecttells certbot to redirect http to https. -
@aaronstuder said in Install Nginx as a Reverse Proxy on Fedora 27:
@jaredbusch said in Install Nginx as a Reverse Proxy on Fedora 27:
certbot --nginx -n --email [email protected] --agree-tos --domains nc.domain.comAdding
--redirecttells certbot to redirect http to https.I had no idea you could do this
-
@wirestyle22 You learn something new everyday! This is what I learned
-
@aaronstuder Can you paste the edit to the server block? I'd like to see what it looks like after
--redirectis run -
server { client_max_body_size 40M; server_name domain.com; location / { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_set_header X-NginX-Proxy true; proxy_pass http://10.157.95.208:80; proxy_redirect off; } listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem; # m$ ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem; #$ include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot server { if ($host = domain.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name domain.com; return 404; # managed by Certbot } -
@aaronstuder Hmm, looks like mine but I didn't use the --redirect.
-
@obsolesce Maybe you adding it manually?
-
It's standard. Only part you shouldn't have is the commented out parts.
-
@wirestyle22 said in Install Nginx as a Reverse Proxy on Fedora 27:
@JaredBusch This is from the Nginx website under pitfalls and common mistakes. I read that return's are much faster than rewrites due to not needing to evaluate RegEx(?) which is why you see return listed as a better option. I know you use rewrite and there's a lot you know that I don't so I was just wondering why that is your preference
I updated the OP to reflect this.
Using the
return 301 https://$host$request_uri;style. -
What is a good "size" for a VM that is strictly a reverse proxy? Would 20Gb be sufficient as it is not storing any data other than log files?
-
@brandon220 said in Install Nginx as a Reverse Proxy on Fedora 27:
What is a good "size" for a VM that is strictly a reverse proxy? Would 20Gb be sufficient as it is not storing any data other than log files?
Yes. 15-20 GB is enough to run with a minimal install.
-
@brandon220 said in Install Nginx as a Reverse Proxy on Fedora 27:
What is a good "size" for a VM that is strictly a reverse proxy? Would 20Gb be sufficient as it is not storing any data other than log files?
Likely just fine. I use 24GB for small servers like this. And 32GB for the big ones.
-
I thin provision, so a little extra is no problem for me.
-
@scottalanmiller Yeah, thin provisioning makes sense for something like this for sure
-
@wirestyle22 said in Install Nginx as a Reverse Proxy on Fedora 27:
@scottalanmiller Yeah, thin provisioning makes sense for something like this for sure
For almost everything thin provisioning makes sense. I'm sure there is an exception to the rule but I can't think of one off the top of my head.
-
@coliver said in Install Nginx as a Reverse Proxy on Fedora 27:
@wirestyle22 said in Install Nginx as a Reverse Proxy on Fedora 27:
@scottalanmiller Yeah, thin provisioning makes sense for something like this for sure
For almost everything thin provisioning makes sense. I'm sure there is an exception to the rule but I can't think of one off the top of my head.
Databases?
-
@black3dynamite said in Install Nginx as a Reverse Proxy on Fedora 27:
@coliver said in Install Nginx as a Reverse Proxy on Fedora 27:
@wirestyle22 said in Install Nginx as a Reverse Proxy on Fedora 27:
@scottalanmiller Yeah, thin provisioning makes sense for something like this for sure
For almost everything thin provisioning makes sense. I'm sure there is an exception to the rule but I can't think of one off the top of my head.
Databases?
That would generally be it. HOWEVER, I normally put my DB on thin provisioning and have a separate, dedicated storage just for the data (DB files) which is thick provisioned.
Or if on Scale, the main storage gets a low HEAT score and the dedicated DB files gets set to 11.
-
@scottalanmiller said in Install Nginx as a Reverse Proxy on Fedora 27:
Or if on Scale, the main storage gets a low HEAT score and the dedicated DB files gets set to 11.
