digiserver-v2/NGINX_SETUP_QUICK.md
root 21eb63659a feat: complete nginx migration from caddy
- Replace Caddy reverse proxy with Nginx (nginx:alpine)
- Add nginx.conf with HTTP/HTTPS, gzip, and proxy settings
- Add nginx-custom-domains.conf template for custom domains
- Update docker-compose.yml to use Nginx service
- Add ProxyFix middleware to Flask app for proper header handling
- Create nginx_config_reader.py utility to read Nginx configuration
- Update admin blueprint to display Nginx status in https_config page
- Add Nginx configuration display to https_config.html template
- Generate self-signed SSL certificates for localhost
- Add utility scripts: generate_nginx_certs.sh
- Add documentation: NGINX_SETUP_QUICK.md, PROXY_FIX_SETUP.md
- All containers now running, HTTPS working, HTTP redirects to HTTPS
- Session cookies marked as Secure
- Security headers properly configured
2026-01-15 22:15:11 +02:00

2.4 KiB

Quick Start: Nginx Setup for DigiServer v2

Pre-requisites

  • SSL certificates in ./data/nginx-ssl/cert.pem and ./data/nginx-ssl/key.pem
  • Docker and Docker Compose installed
  • Ports 80 and 443 available

Quick Setup (3 steps)

1. Generate Self-Signed Certificates

./generate_nginx_certs.sh localhost 365

2. Update Nginx Configuration

  • Edit nginx.conf to set your domain:
    server_name localhost;  # Change to your domain
    

3. Start Docker Compose

docker-compose up -d

Verification

Check if Nginx is running

docker ps | grep nginx

Test HTTP → HTTPS redirect

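curl -I http://localhost     # expect a 3xx status and a Location: https://... header
curl -kL http://localhost    # follow the redirect; -k is needed for the self-signed cert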

Test HTTPS (with self-signed cert)

curl -k https://localhost    # -k skips certificate verification; drop it once a production certificate is installed

View logs

docker logs digiserver-nginx
docker exec digiserver-nginx tail -f /var/log/nginx/access.log

Using Production Certificates

Option A: Let's Encrypt (Free)

  1. Install certbot: apt-get install certbot
  2. Generate cert: certbot certonly --standalone -d your-domain.com
  3. Copy cert: cp /etc/letsencrypt/live/your-domain.com/fullchain.pem ./data/nginx-ssl/cert.pem
  4. Copy key: cp /etc/letsencrypt/live/your-domain.com/privkey.pem ./data/nginx-ssl/key.pem
  5. Fix permissions: sudo chown 101:101 ./data/nginx-ssl/*
  6. Reload: docker exec digiserver-nginx nginx -s reload

Option B: Commercial Certificate

  1. Place your certificate files in ./data/nginx-ssl/cert.pem and ./data/nginx-ssl/key.pem
  2. Fix permissions: sudo chown 101:101 ./data/nginx-ssl/*
  3. Reload: docker exec digiserver-nginx nginx -s reload
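
Both options end with a reload, so a check of ./data/nginx-ssl/ just before it catches a key that does not match the certificate, a certificate close to expiry, or a private key readable by other users. The script below is an added example, not part of the DigiServer repository; the check_nginx_certs name, the NGINX_UID variable and the 14-day threshold are assumptions, and it requires the openssl command-line tool.

```sh
#!/bin/sh
# Added example (not from the DigiServer repo): check the pair in
# ./data/nginx-ssl before running "nginx -s reload".
# Usage: check_nginx_certs [DIR] [MIN_DAYS]   (returns 0 only if all checks pass)
# Assumptions: the 14-day default and the NGINX_UID variable are illustrative;
# 101 is the uid the page's "chown 101:101" step assigns.
NGINX_UID=${NGINX_UID:-101}

check_nginx_certs() {
    dir=${1:-./data/nginx-ssl}
    min_days=${2:-14}
    cert=$dir/cert.pem
    key=$dir/key.pem
    rc=0

    for f in "$cert" "$key"; do
        [ -f "$f" ] || { echo "FAIL missing $f"; return 2; }
    done

    # 1. The key must belong to the certificate: compare the public keys.
    #    "-passin pass:" makes an encrypted key fail instead of prompting.
    cert_pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null) || cert_pub=
    key_pub=$(openssl pkey -in "$key" -passin pass: -pubout 2>/dev/null) || key_pub=
    if [ -z "$cert_pub" ] || [ "$cert_pub" != "$key_pub" ]; then
        echo "FAIL key.pem does not match cert.pem (or one of them is unparsable)"
        rc=1
    fi

    # 2. The certificate must remain valid for at least MIN_DAYS more days.
    if ! openssl x509 -in "$cert" -noout \
            -checkend $((min_days * 86400)) >/dev/null 2>&1; then
        echo "FAIL cert.pem expires within $min_days days"
        rc=1
    fi

    # 3. Private key: no group/other permission bits, owned by the nginx uid.
    set -- $(ls -ln "$key" | awk '{print $1, $3}')   # $1 = mode, $2 = owner uid
    case $1 in
        -???------*) ;;
        *) echo "FAIL key.pem mode $1 is open to group/other"; rc=1 ;;
    esac
    [ "$2" = "$NGINX_UID" ] || { echo "FAIL key.pem uid $2, want $NGINX_UID"; rc=1; }

    [ "$rc" -eq 0 ] && echo "OK $dir"
    return "$rc"
}
```

Source it in a root shell in the project directory and reload only if it succeeds: check_nginx_certs && docker exec digiserver-nginx nginx -s reload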

Troubleshooting

Issue                           Solution
Port 80/443 in use              sudo netstat -tlnp | grep -E ':(80|443) '
Certificate permission denied   sudo chown 101:101 ./data/nginx-ssl/*
Nginx won't start               docker logs digiserver-nginx
Connection refused              Check firewall: sudo ufw allow 80/tcp && sudo ufw allow 443/tcp

File Locations

  • Main config: ./nginx.conf
  • SSL certs: ./data/nginx-ssl/
  • Logs: ./data/nginx-logs/
  • Custom domains: ./nginx-custom-domains.conf (auto-generated)

Next: Production Setup

  1. Update .env with your DOMAIN and EMAIL
  2. Configure HTTPS settings in admin panel
  3. Run: python nginx_manager.py generate
  4. Test: docker exec digiserver-nginx nginx -t
  5. Reload: docker exec digiserver-nginx nginx -s reload