Configuring Nginx for HTTPS

Nginx can act as a reverse proxy and HTTPS terminator for SkyView.

Here is a typical configuration when used with other services on the host:


server {

        client_max_body_size 0;
        server_name skyview.example.com;

        location /  {

            proxy_pass         http://127.0.0.1:8100;
            proxy_http_version 1.1;

            proxy_set_header   Host              $host;
            proxy_set_header   X-Real-IP         $remote_addr;
            proxy_set_header   X-Forwarded-For   $proxy_add_x_forwarded_for;
            proxy_set_header   X-Forwarded-Proto $scheme;
            proxy_set_header   Upgrade           $http_upgrade;
            proxy_set_header   Connection        "upgrade";

            # Streaming-friendly: do not buffer requests/responses
            proxy_buffering         off;               # flush upstream data immediately (SSE/log streams)
            proxy_request_buffering off;               # stream uploads/request body to upstream

            # Timeouts for long-lived connections (WebSocket, long-poll, WHIP/WHEP ICE trickle, etc.)
            proxy_read_timeout      3600s;             # time between upstream reads
            proxy_send_timeout      3600s;             # time between writes to upstream

            # Avoid gzip on upgraded connections
            gzip off;
        }


    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/skyview.example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/skyview.example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

Keys	Action
`?`	Open this help
`n`	Next page
`p`	Previous page
`s`	Search