search

5. Setup nginx in home server

hashtag
Copy SSL certificate file path

Check the pem file path with certbot.

sudo certbot certificates

Certificate Path -> ssl_certificate in nginx conf

Private Key Path -> ssl_certificate_key in nginx conf

hashtag
Create .conf file

Move to nginx config directory in mac brew nginx.

cd /opt/homebrew/etc/nginx/servers

Make file ourcompanylunchauth.conf file.

vi ourcompanylunchauth.conf
server {
    listen 80;
    server_name auth-dev.ourcompanylunch.com;
    return 301 https://auth-dev.ourcompanylunch.com$request_uri;
}

server {
    listen 443 ssl;
    server_name auth-dev.ourcompanylunch.com;
    ssl_certificate /etc/letsencrypt/live/ourcompanylunch.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/ourcompanylunch.com/privkey.pem;

    location / {
        proxy_pass http://localhost:8080;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme; # original request scheme: helps to distinguish http and https
    }
}

When the traffic comes to 80, it will redirect to 443.

circle-info

Default nginx config file is here. /opt/homebrew/etc/nginx/nginx.conf

I can see other nginx configurations and samples. This nginx.conf file says that "include servers/*".

hashtag
Restart nginx

sudo is needed for port number below 1024.

circle-info

Why not brew services restart nginx?

It didn't work well to my case, I assumed it's a permission problem. When I tried sudo brew, it says successfully restarted. But "brew services info nginx" doesn't give me running state.

hashtag
Test nginx working

This will give Moved Permanently redirect.

Previous4. Get SSL certificate using certbotNext6. Setup Port forwarding in home router

Last updated