...
Code Block |
---|
upstream docker-backend {
server localhost:8000;
}
upstream docker-frontend {
server localhost:3000;
}
upstream restapi {
server localhost:8080;
}
server {
server_name example.openimis.org;
# Don't forget to edit the URL
# return 301 https://$host$request_uri;
#}
#server {
#
# listen 443 ssl;
# server_name example.openimis.org;
#
## ssl_certificate /etc/ssl/certs/example.openimis.org.crt;
## ssl_certificate_key /etc/ssl/private/example.openimis.org.key;
client_max_body_size 100M;
location /.well-known {
root /var/www/html;
}
location /LegacyHome {
return 204;
}
location /keepLegacyAlive {
return 204;
}
location / {
return 301 /front/;
}
location /home {
return 301 /front/;
}
location /Home.aspx {
return 301 /front/;
}
location ~/front/(.*) {
root /var/www/html;
try_files $uri $uri/ /front/index.html;
#error_page 404 $scheme://$host/front/;
}
location /iapi/ {
proxy_pass http://docker-backend/api/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
location /api/ {
proxy_pass http://docker-backend/api/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
location /rest/ {
proxy_pass http://restapi/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Host $server_name;
}
} |
...
Code Block |
---|
sudo apt-get install python3-certbot-nginx
sudo certbot --nginx -d example.openimis.org # don't forget to edit the URL |
You will then need to choose whether or not to redirect HTTP traffic to HTTPS:
Code Block |
---|
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel):
|
Install the mobile REST API
...