## sudo apt-get install nginx apache2-utils haveged
server_name letutorial.dev.opentrigger.com; ## hostname
ssl_dhparam /etc/nginx/dhparam.pem; ## create with: `sudo openssl dhparam -out /etc/nginx/dhparam.pem 2048`
ssl_certificate /etc/letsencrypt/live/letutorial.dev.opentrigger.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/letutorial.dev.opentrigger.com/privkey.pem;
ssl_session_cache shared:SSL:30m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;
ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security max-age=31536000;
## if you want error or access logs
# access_log /var/log/nginx/letutorial.dev.opentrigger.com.access.log;
# error_log /var/log/nginx/letutorial.dev.opentrigger.com.error.log;
## basic authentication - see `man htpasswd`
auth_basic_user_file /etc/nginx/letutorial.dev.opentrigger.com.htpasswd; ## create with: `sudo htpasswd -c /etc/nginx/letutorial.dev.opentrigger.com.htpasswd <username>`
## you migt want to serve some static files
# location / { try_files $uri $uri/ =404; }
# location ~ /\. { return 404; }
## reverse proxy for node-red
proxy_pass http://127.0.0.1:1880/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_pass_request_headers on;
## reverse proxy for mosquitto websockets (if it is configured and listening on port 8080)
location /mosquitto-websockets/ {
proxy_pass http://127.0.0.1:8080/;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";