Setting up Nginx as a reverse proxy

%% date:: [[2023-05-14]] parent:: %% # [[Setting up Nginx as a reverse proxy]] %% Last Updated: - [[2021-02-09]] %% An [[Nginx]] server can be used as a [[Reverse Proxy]] for an application server. This confers benefits such as allowing: - management of configuration, including [[SSL]] certificates (as in [[Using a custom domain with Obsidian Publish]]) - load balancing between application servers - multiple websites/domains to be served from one virtual machine ## Modify domain configuration file From the Nginx server, run `sudo nano /etc/nginx/sites-available/sub.domain.com` where `sub.domain.com` is the domain or subdomain you want to proxy/redirect to another site. Add `proxy_pass <url of app server>` to the `location` block like this: ```bash location / { proxy_pass https://publish.obsidian.md/; } ``` The `location /` means that all requests for `sub.domain.com/` will resolve to `https://publish.obsidian.md`. If you change it to `location /notes`, then only requests for that sub-URL will be proxied. Save and exit the file. Restart the Nginx server, and your reverse proxy should be set up! ## Proxy settings for multiple server blocks If you get an HTTP 502 Bad Gateway error after you complete the previous step and you're redirecting via HTTPS, first check that you have [[Installing an SSL certificate on Nginx server with Let's Encrypt and Certbot|SSL enabled]] on your Nginx server. If that's still not working, and you're using [[Setting up server blocks on Nginx|server blocks]], try adding this line to the same `location` block: `proxy_ssl_server_name on;` like this: ```bash location / { proxy_pass https://publish.obsidian.md/; proxy_ssl_server_name on; } ``` Turning the SSL server name on enables [[Server Name Indication]], which means that your server name (`sub.domain.com`) will be sent during the SSL handshaking process. The server name becomes necessary when your Nginx server potentially contains multiple certificates for different domains. ## References - https://stackoverflow.com/questions/38931468/nginx-reverse-proxy-error14077438ssl-ssl-do-handshake-failed#38957403 - https://en.wikipedia.org/wiki/Server_Name_Indication ## See also - [[Nginx]] - [[Installing an SSL certificate on Nginx server with Let's Encrypt and Certbot]] - [[Setting up server blocks on Nginx]]