We have a few Mojo applications behind Nginx and we run them without any
issues.
We run Nginx on port 3000 and redirect to port 3001 OR 4,000 and redirect
to 4001. These are all SSL connections as well.
The config for our Nginx server is
server {
listen 3000;
server_name <<REDACTED URL>>;
root html;
index index.html index.htm;
ssl on;
ssl_certificate /etc/ssl/certs/SSL.crt;
ssl_certificate_key /etc/ssl/private/server.key;
ssl_session_timeout 5m;
# ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2; # NOTE WE REMOVE SSLv3
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/ssl/private/dhparams.pem;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Fix the “It appears that your reverse proxy set up is
broken" error.
proxy_pass http://127.0.0.1:3001;
proxy_read_timeout 90;
proxy_redirect http://127.0.0.1:3001 https://<<REDACTED
URL>>;
}
}
This is pretty simple (as we're not very clever). This also passes the SSL
checks to validate your SSL config (which is nice).
Rob
On Tue, Feb 14, 2017 at 7:14 PM, StarX <[email protected]> wrote:
> Hi,
>
> I know this has been asked many times and there are various posts
> addressing this but I'm struggling to find a concrete example, maybe my
> approach is wrong but I'd appreciate some help.
>
> So, I have a number of mojo applicaitons, say app1, app2, appN, they all
> work great when I spin them up with hypnotoad on their own ports, app1 runs
> on 5000, app2 on 5001, appN 5..N. Can I put all these seperate apps behind
> Nginx and have Nginx serve the js/css content from the public folder of
> each app on a single vhost? I have spent weeks trying to work this out so I
> may be on completely the wrong track.
>
> Here is my Nginx conf on my dev box:
>
> server {
> listen 80 default_server;
> listen [::]:80 default_server;
>
> # Root for stuff like default index.html
> root /var/www/html;
>
>
>
>
> I've also looked at Toadfarm but I'm concerned about scalability, doesn't
> Toadfarm check each route until it finds a match? If I have 15 mojo apps
> running how is this going to impact on performance?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Mojolicious" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To post to this group, send email to [email protected].
> Visit this group at https://groups.google.com/group/mojolicious.
> For more options, visit https://groups.google.com/d/optout.
>
--
You received this message because you are subscribed to the Google Groups
"Mojolicious" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at https://groups.google.com/group/mojolicious.
For more options, visit https://groups.google.com/d/optout.
