Update server-installation.rst

I hope this is enough, are there errors? Is something missing?
2025-09-11 23:54:22 +08:00 · 2021-07-10 13:48:36 +02:00 · 2021-07-10 13:48:36 +02:00 · 2c25c44232
commit 2c25c44232
parent 304698c107
1 changed files with 63 additions and 0 deletions
--- a/docs/server-installation.rst
+++ b/docs/server-installation.rst
@ -361,3 +361,66 @@ A config file may be placed under config/environments/<env-name>.yml. To read th
 .. literalinclude:: ../config/environments/dev.yaml
  :language: YAML

+
+Nginx Reverse Proxy Setup with https
+====================================
+
+The `Swag Proxy <https://github.com/linuxserver/docker-swag>`_ makes it easy to generate a valid ssl certificate for the config bellow. Here is the `documentation <https://docs.linuxserver.io/general/swag>`_ for the installation.
+
+The following file configures Netmaker as a subdomain. This config is an adaption from the swag proxy project.
+
+./netmaker.subdomain.conf:
+
+.. code-block:: nginx
+
+    server {
+        listen 443 ssl;
+        listen [::]:443 ssl;
+
+        server_name netmaker.*; # The external URL
+        client_max_body_size 0;
+
+        # A valid https certificate is needed.
+        include /config/nginx/ssl.conf;
+
+        location / {
+            # This config file can be found at:
+            # https://github.com/linuxserver/docker-swag/blob/master/root/defaults/proxy.conf
+            include /config/nginx/proxy.conf;
+
+            # if you use a custom resolver to find your app, needed with swag proxy
+            # resolver 127.0.0.11 valid=30s;
+            set $upstream_app netmaker-ui;                             # The internal URL
+            set $upstream_port 80;                                     # The internal Port
+            set $upstream_proto http;                                  # the protocol that is being used
+            proxy_pass $upstream_proto://$upstream_app:$upstream_port; # combine the set variables from above
+            }
+        }
+
+    server {
+        listen 443 ssl;
+        listen [::]:443 ssl;
+
+        server_name backend-netmaker.*; # The external URL
+        client_max_body_size 0;
+        underscores_in_headers on;
+
+        # A valid https certificate is needed.
+        include /config/nginx/ssl.conf;
+
+        location / {
+            # if you use a custom resolver to find your app, needed with swag proxy
+            # resolver 127.0.0.11 valid=30s;
+
+            set $upstream_app netmaker;                                # The internal URL
+            set $upstream_port 8081;                                   # The internal Port
+            set $upstream_proto http;                                  # the protocol that is being used
+            proxy_pass $upstream_proto://$upstream_app:$upstream_port; # combine the set variables from above
+
+            # Forces the header to be the one that is visible from the outside
+            proxy_set_header                Host backend.netmaker.example.org; # Please cange to your URL
+
+            # Pass all headers through to the backend
+            proxy_pass_request_headers      on;
+            }
+        }