Install Nginx as a Reverse Proxy on Fedora 27



  • @JaredBusch said in Install Nginx as a Reverse Proxy on Fedora 27:

    Before you can request your SSL certificate, you have to have a valid configuration file in place listening on port 80.
    Nginx stores the configuration files in /etc/nginx/conf.d/, so let's make our nextcloud.conf.
    I am not going to go aver all the pieces here. If you want ot know more about what all these settings mean, go look them up.
    Finally, this is a sample base don Nextcloud. Change it to fit your application needs.
    The structure may look strange at first, but there is a method to my madness. It is based on how certbot --nginx works.

    cat > /etc/nginx/conf.d/nextcloud.conf <<EOF
    server {
        client_max_body_size 40M;
        server_name nc.domain.com;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_set_header X-NginX-Proxy true;
        proxy_redirect off;
        location / {
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $http_host;
            proxy_set_header X-NginX-Proxy true;
            proxy_pass http://10.150.0.17;
            proxy_redirect off;
            # Socket.IO Support
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
        }
    ##    ssl_stapling on;
    ##    ssl_stapling_verify on;
    ##    ssl_session_cache shared:SSL:10m;
    ##    add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
        listen 80;
    }
    ##server {
    ##    client_max_body_size 40M;
    #    listen 80;
    ##    server_name nc.domain.com;
    ##    return 301 https://$host$request_uri;
    ##}
    EOF
    

    NOTE: This is on purpose only one # while the others have two, # listen 80;.

    Test the config

    nginx -t
    

    When I run this step, I get an error.

    [[email protected] ~]# nginx -t
    nginx: [emerg] invalid number of arguments in "proxy_set_header" directive in /etc/nginx/conf.d/nextcloud.conf:4
    nginx: configuration file /etc/nginx/nginx.conf test failed
    


  • @Donahue said in Install Nginx as a Reverse Proxy on Fedora 27:

    @JaredBusch said in Install Nginx as a Reverse Proxy on Fedora 27:

    Before you can request your SSL certificate, you have to have a valid configuration file in place listening on port 80.
    Nginx stores the configuration files in /etc/nginx/conf.d/, so let's make our nextcloud.conf.
    I am not going to go aver all the pieces here. If you want ot know more about what all these settings mean, go look them up.
    Finally, this is a sample base don Nextcloud. Change it to fit your application needs.
    The structure may look strange at first, but there is a method to my madness. It is based on how certbot --nginx works.

    cat > /etc/nginx/conf.d/nextcloud.conf <<EOF
    server {
        client_max_body_size 40M;
        server_name nc.domain.com;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_set_header X-NginX-Proxy true;
        proxy_redirect off;
        location / {
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $http_host;
            proxy_set_header X-NginX-Proxy true;
            proxy_pass http://10.150.0.17;
            proxy_redirect off;
            # Socket.IO Support
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
        }
    ##    ssl_stapling on;
    ##    ssl_stapling_verify on;
    ##    ssl_session_cache shared:SSL:10m;
    ##    add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
        listen 80;
    }
    ##server {
    ##    client_max_body_size 40M;
    #    listen 80;
    ##    server_name nc.domain.com;
    ##    return 301 https://$host$request_uri;
    ##}
    EOF
    

    NOTE: This is on purpose only one # while the others have two, # listen 80;.

    Test the config

    nginx -t
    

    When I run this step, I get an error.

    [[email protected] ~]# nginx -t
    nginx: [emerg] invalid number of arguments in "proxy_set_header" directive in /etc/nginx/conf.d/nextcloud.conf:4
    nginx: configuration file /etc/nginx/nginx.conf test failed
    

    You've got the same thing in both the server { and location / { sections. If that's not a copy/paste error, remove them from the server { section.



  • I figured out that step. Somehow it only pasted some of the arguments in there. I am still waiting on the DNS A record before I can move on



  • @travisdh1 said in Install Nginx as a Reverse Proxy on Fedora 27:

    @Donahue said in Install Nginx as a Reverse Proxy on Fedora 27:

    @JaredBusch said in Install Nginx as a Reverse Proxy on Fedora 27:

    Before you can request your SSL certificate, you have to have a valid configuration file in place listening on port 80.
    Nginx stores the configuration files in /etc/nginx/conf.d/, so let's make our nextcloud.conf.
    I am not going to go aver all the pieces here. If you want ot know more about what all these settings mean, go look them up.
    Finally, this is a sample base don Nextcloud. Change it to fit your application needs.
    The structure may look strange at first, but there is a method to my madness. It is based on how certbot --nginx works.

    cat > /etc/nginx/conf.d/nextcloud.conf <<EOF
    server {
        client_max_body_size 40M;
        server_name nc.domain.com;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_set_header X-NginX-Proxy true;
        proxy_redirect off;
        location / {
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $http_host;
            proxy_set_header X-NginX-Proxy true;
            proxy_pass http://10.150.0.17;
            proxy_redirect off;
            # Socket.IO Support
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
        }
    ##    ssl_stapling on;
    ##    ssl_stapling_verify on;
    ##    ssl_session_cache shared:SSL:10m;
    ##    add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
        listen 80;
    }
    ##server {
    ##    client_max_body_size 40M;
    #    listen 80;
    ##    server_name nc.domain.com;
    ##    return 301 https://$host$request_uri;
    ##}
    EOF
    

    NOTE: This is on purpose only one # while the others have two, # listen 80;.

    Test the config

    nginx -t
    

    When I run this step, I get an error.

    [[email protected] ~]# nginx -t
    nginx: [emerg] invalid number of arguments in "proxy_set_header" directive in /etc/nginx/conf.d/nextcloud.conf:4
    nginx: configuration file /etc/nginx/nginx.conf test failed
    

    You've got the same thing in both the server { and location / { sections. If that's not a copy/paste error, remove them from the server { section.

    that's not mine, that is from @JaredBusch



  • @Donahue said in Install Nginx as a Reverse Proxy on Fedora 27:

    I figured out that step. Somehow it only pasted some of the arguments in there. I am still waiting on the DNS A record before I can move on

    Why do you need an A record?



  • @scottalanmiller said in Install Nginx as a Reverse Proxy on Fedora 27:

    @Donahue said in Install Nginx as a Reverse Proxy on Fedora 27:

    I figured out that step. Somehow it only pasted some of the arguments in there. I am still waiting on the DNS A record before I can move on

    Why do you need an A record?

    I need an external DNS record. Certbot failed because it said it needed an A record.



  • @Donahue said in Install Nginx as a Reverse Proxy on Fedora 27:

    @scottalanmiller said in Install Nginx as a Reverse Proxy on Fedora 27:

    @Donahue said in Install Nginx as a Reverse Proxy on Fedora 27:

    I figured out that step. Somehow it only pasted some of the arguments in there. I am still waiting on the DNS A record before I can move on

    Why do you need an A record?

    I need an external DNS record. Certbot failed because it said it needed an A record.

    OIC



  • I've got to wait for my DNS provider to put in the record for me, which I am told will be done "sometime today". We will see, but I kinda doubt it.



  • @Donahue said in Install Nginx as a Reverse Proxy on Fedora 27:

    I've got to wait for my DNS provider to put in the record for me, which I am told will be done "sometime today". We will see, but I kinda doubt it.

    How long would it take to move to a good DNS provider?



  • Rhetorical question, answer is "about two hours."



  • @scottalanmiller said in Install Nginx as a Reverse Proxy on Fedora 27:

    @Donahue said in Install Nginx as a Reverse Proxy on Fedora 27:

    I've got to wait for my DNS provider to put in the record for me, which I am told will be done "sometime today". We will see, but I kinda doubt it.

    How long would it take to move to a good DNS provider?

    The problem is that his entire domain is apparently outsource and not in theri control. Or this would be trivial.



  • @scottalanmiller said in Install Nginx as a Reverse Proxy on Fedora 27:

    Rhetorical question, answer is "about two hours."

    And then 24 hours for replication 😛



  • So far, all of that external stuff has been under the "marketing" department, and I have no part of it. It also predates me at this company, probably by a decade. The marketing lady can be a PITA sometimes, so I don't want to step into that fire until I actually have to.



  • @JaredBusch said in Install Nginx as a Reverse Proxy on Fedora 27:

    @scottalanmiller said in Install Nginx as a Reverse Proxy on Fedora 27:

    @Donahue said in Install Nginx as a Reverse Proxy on Fedora 27:

    I've got to wait for my DNS provider to put in the record for me, which I am told will be done "sometime today". We will see, but I kinda doubt it.

    How long would it take to move to a good DNS provider?

    The problem is that his entire domain is apparently outsource and not in theri control. Or this would be trivial.

    It's cutting off the outsourcing that I'm trying to fix 🙂



  • @JaredBusch said in Install Nginx as a Reverse Proxy on Fedora 27:

    client_max_body_size 40M;
    

    One thing I just ran into was having to up this limit to be able to sync larger files. I would suggest flagging that in the first post so someone like me would know to change this if they work with larger files. I set mine to 16G. For some reason, this only effected the NC sync client, the browser upload as increased by other means.