# Configurations for Nginx (Reverse Proxy Server)

## Installing Nginx Server

1. sudo apt-get update&#x20;
2. sudo apt-get install nginx
3. sudo nginx -v

## Configurations in Nginx Server

* Navigate to Nginx folder path and create the SSL key using the below command

> &#x20;**cd /etc/nginx**
>
> \
> **sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/cert.key -out /etc/nginx/cert.crt**

* Edit the default configuration file using the command **`sudo nano /etc/nginx/sites-enabled/default`**
* Type the below in the configuration file replace the domain name with the server IP address or server name.&#x20;

```
log_format postdata '$remote_addr - $remote_user [$time_local] $args  "$request" $status $bytes_sent "$http_referer" "$http_user_agent" "$request_body"';

server {
   listen 80;
   return 301 https://$host$request_uri;
}

server {
	listen 443;

	ssl_certificate /etc/nginx/cert.crt;
	ssl_certificate_key /etc/nginx/cert.key;
	ssl on;
	ssl_session_cache builtin:1000 shared:SSL:10m;
	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
	ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
	ssl_prefer_server_ciphers on;

	location /<HOST-IP-ADDRESS>/ {
		access_log /var/log/nginx/access.log postdata;
		error_log /var/log/nginx/error.log warn;
	
		proxy_set_header Host $host;
		proxy_set_header X-Real-IP $remote_addr;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_set_header X-Forwarded-Proto $scheme;
		proxy_pass https://<HOST-IP-ADDRESS>/;
		proxy_read_timeout 90;
		proxy_redirect https://<HOST-IP-ADDRESS>/ https://<NGINX-SERVER-IP>/;

		# WebSocket support
		proxy_http_version 1.1;
		proxy_set_header Upgrade $http_upgrade;
		proxy_set_header Connection "upgrade";
	}

	location /<HOST2-IP-ADDRESS>/ {
		access_log /var/log/nginx/access.log postdata;
		error_log /var/log/nginx/error.log warn;
	
		proxy_set_header Host $host;
		proxy_set_header X-Real-IP $remote_addr;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_set_header X-Forwarded-Proto $scheme;
		proxy_pass https://<HOST2-IP-ADDRESS>/;
		proxy_read_timeout 90;
		proxy_redirect https://<HOST2-IP-ADDRESS>/ https://<NGINX-SERVER-IP>/;
	
		# WebSocket support
		proxy_http_version 1.1;
		proxy_set_header Upgrade $http_upgrade;
		proxy_set_header Connection "upgrade";
	}
}

```

* &#x20;Save the edited configuration file
* Let's now test the configuration file using command  **`sudo nginx -t`.**  When the test was successful, we will see the test is successfull message. When the test was a failure check the configuration file for syntax errors and resolve it to pass the test.
* Restart the Nginx server using the command **`sudo service nginx restart`**

\
Important Files: <a href="#important-files" id="important-files"></a>
---------------------------------------------------------------------

1. Nginx Configuration file: **`/etc/nginx/nginx.conf`**
2. **Proxy Configuration file: `/etc/nginx/sites-enabled/default`**&#x20;
3. Access Logs: **`/var/log/nginx/access.log`**
4. Error Logs: **`/var/log/nginx/error.log`**

&#x20;

&#x20;