In a previous article I wrote about using Squid for performing reverse proxy services. The new hotness on the block for such activity is called nginx. Nginx is a great tool for performing host proxying and SSL proxying. I'm using it to sit in front of Node apps because of it's support for websockets. Anyways, here's a getting started guide!
Installation
To install the latest version of nginx on Ubuntu 12.04, you will need to add a PPA for nginx stable from launchpad.
sudo apt-get install software-properties-common python-software-properties
Then we can add the PPA
sudo add-apt-repository ppa:nginx/stable
Then update apt-get
sudo apt-get update
Finally we can install nginx
sudo apt-get install nginx
Voila! You now have nginx installed under a service called nginx
. You can check the version with
nginx -v
Additionally, nginx installs configuration files to /etc/nginx
. Of particulare note are the /etc/nginx/sites-available
folder that contains the list of available configurations and /etc/nginx/sites-enabled
that contains the list of active configurations.
Configuration
The Beginner's Guide has some good information about the basic configuration. Additionally, there is information about configuring Reverse Proxies that can be useful for additional customization.
Remove the default configuration
To start out with what you can do is go remove the default configuration.
cd /etc/nginx/sites-enabled
sudo rm default
This will remove the symbolic link to the default configuration. You can refer to this configuration for additional examples of configuration, but I start from scratch with mine.
Step 1: Create a new configuration
Now that we removed the default site, we need to create a new configuration in the sites-available
directory.
sudo touch /etc/nginx/sites-available/reverse_proxy
Then create a symbolic link to it in the sites-enabled
directory.
cd /etc/nginx/sites-enabled
sudo ln -s ../sites-available/reverse_proxy reverse_proxy
Now you can edit this configuration to set up your reverse proxy.
Step 2: Add default site
You want any unmapped domains to get redirected to the nginx home page. To accomplish this, I create a default server at the top of the configuration.
sudo vim /etc/nginx/sites-enabled/reverse_proxy
## Default catch all
server {
server_name localhost;
root /usr/share/nginx/www;
index index.html index.htm;
}
This server configuration maps to localhost and forwards any requests to the nginx home page.
Step 3: Configure a site
Now you want to configure anoter site to forward requests to. This is pretty straightforward as well. We simply add this site below the default site.
## *.derpturkey.com
server {
server_name derpturkey.com *.derpturkey.com;
# Site specific logging
access_log /var/log/nginx/derpturkey.access.log;
error_log /var/log/nginx/derpturkey.error.log;
## Forward request
location / {
proxy_pass http://192.168.0.153:2368;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
The first diretive for configuring the server_name specifes the site with a wildcard and without a subdomain. Note that you will need to specify both if you want the site to be accessible from any subdomain, or lack of subdomain. More information about server_name is available on the documentation site.
After this host is specifed, I added some custom logging for the domain. Normally, logs are found in /var/log/nginx/access.log
and /var/log/nginx/error.log
. I made these specific for the domain.
We want to forward all traffic, so we specify the lcoation /
.
Then configure the proxy_pass option which configures the protocol, URL, and port that requests will be forwarded to.
Lastly, we configure header options. In particular, we sent the Host, X-Real-IP, and X-Forwarded-For headers. These ensure that server is aware that the request was proxied and has proper origin information.
Step 4: Reload configuration
Finally, you just need to reload the configuration for your site.
sudo nginx -s reload