mirror
/
vapor-docs
mirror of https://github.com/vapor/docs.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
vapor-docs/build/1.5/deploy/nginx.html

575 lines
26 KiB
HTML
Raw Blame History

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Vapor Documentation</title>
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Source+Code+Pro">
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Quicksand:400,700,300">
<link rel="stylesheet" href="/1.5/styles/vapor-code.css">
<link rel="stylesheet" href="/1.5/styles/main.css">
</head>
<body>
<header>
<a class="logo" href="/1.5/">
<img src="/1.5/images/droplet.svg" alt="Vapor">
<h1>Vapor <em>Docs</em></h1>
</a>
<ul>
<li>
<a href="http://vapor.codes">Home</a>
</li>
<li>
<a href="http://example.vapor.codes">Example</a>
</li>
<li>
<a href="https://github.com/vapor/vapor">GitHub</a>
</li>
<li>
<a href="https://twitter.com/@codevapor">Twitter</a>
</li>
<li>
<a href="http://vapor.team">Slack</a>
</li>
</ul>
</header>
<nav>
<a href="#" class="toggle show"></a>
<a href="#" class="toggle close">&times;</a>
<div class="scroll">
<section>
<h3>Getting Started</h3>
<ul>
<li class="">
<a href="/1.5/getting-started/install-swift-3-macos.html">
Install Swift 3: macOS
</a>
</li>
<li class="">
<a href="/1.5/getting-started/install-swift-3-ubuntu.html">
Install Swift 3: Ubuntu
</a>
</li>
<li class="">
<a href="/1.5/getting-started/install-toolbox.html">
Install Toolbox
</a>
</li>
<li class="">
<a href="/1.5/getting-started/hello-world.html">
Hello, World
</a>
</li>
<li class="">
<a href="/1.5/getting-started/manual.html">
Manual
</a>
</li>
<li class="">
<a href="/1.5/getting-started/xcode.html">
Xcode
</a>
</li>
</ul>
</section>
<section>
<h3>Guide</h3>
<ul>
<li class="">
<a href="/1.5/guide/droplet.html">
Droplet
</a>
</li>
<li class="">
<a href="/1.5/guide/folder-structure.html">
Folder Structure
</a>
</li>
<li class="">
<a href="/1.5/guide/json.html">
JSON
</a>
</li>
<li class="">
<a href="/1.5/guide/config.html">
Config
</a>
</li>
<li class="">
<a href="/1.5/guide/views.html">
Views
</a>
</li>
<li class="">
<a href="/1.5/guide/leaf.html">
Leaf
</a>
</li>
<li class="">
<a href="/1.5/guide/controllers.html">
Controllers
</a>
</li>
<li class="">
<a href="/1.5/guide/middleware.html">
Middleware
</a>
</li>
<li class="">
<a href="/1.5/guide/validation.html">
Validation
</a>
</li>
<li class="">
<a href="/1.5/guide/provider.html">
Provider
</a>
</li>
<li class="">
<a href="/1.5/guide/sessions.html">
Sessions
</a>
</li>
<li class="">
<a href="/1.5/guide/hash.html">
Hash
</a>
</li>
<li class="">
<a href="/1.5/guide/commands.html">
Commands
</a>
</li>
</ul>
</section>
<section>
<h3>Routing</h3>
<ul>
<li class="">
<a href="/1.5/routing/basic.html">
Basic
</a>
</li>
<li class="">
<a href="/1.5/routing/parameters.html">
Route Parameters
</a>
</li>
<li class="">
<a href="/1.5/routing/query-parameters.html">
Query Parameters
</a>
</li>
<li class="">
<a href="/1.5/routing/group.html">
Group
</a>
</li>
<li class="">
<a href="/1.5/routing/collection.html">
Collection
</a>
</li>
</ul>
</section>
<section>
<h3>Fluent</h3>
<ul>
<li class="">
<a href="/1.5/fluent/driver.html">
Driver
</a>
</li>
<li class="">
<a href="/1.5/fluent/model.html">
Model
</a>
</li>
<li class="">
<a href="/1.5/fluent/query.html">
Query
</a>
</li>
<li class="">
<a href="/1.5/fluent/relation.html">
Relation
</a>
</li>
</ul>
</section>
<section>
<h3>Auth</h3>
<ul>
<li class="">
<a href="/1.5/auth/user.html">
User
</a>
</li>
<li class="">
<a href="/1.5/auth/middleware.html">
Middleware
</a>
</li>
<li class="">
<a href="/1.5/auth/request.html">
Request
</a>
</li>
<li class="">
<a href="/1.5/auth/protect.html">
Protect
</a>
</li>
</ul>
</section>
<section>
<h3>HTTP</h3>
<ul>
<li class="">
<a href="/1.5/http/request.html">
Request
</a>
</li>
<li class="">
<a href="/1.5/http/response.html">
Response
</a>
</li>
<li class="">
<a href="/1.5/http/body.html">
Body
</a>
</li>
<li class="">
<a href="/1.5/http/response-representable.html">
ResponseRepresentable
</a>
</li>
<li class="">
<a href="/1.5/http/responder.html">
Responder
</a>
</li>
<li class="">
<a href="/1.5/http/client.html">
Client
</a>
</li>
<li class="">
<a href="/1.5/http/server.html">
Server
</a>
</li>
<li class="">
<a href="/1.5/http/cors.html">
CORS
</a>
</li>
</ul>
</section>
<section>
<h3>WebSockets</h3>
<ul>
<li class="">
<a href="/1.5/websockets/droplet.html">
Droplet
</a>
</li>
<li class="">
<a href="/1.5/websockets/custom.html">
Custom
</a>
</li>
</ul>
</section>
<section>
<h3>Testing</h3>
<ul>
<li class="">
<a href="/1.5/testing/modules.html">
Modules
</a>
</li>
<li class="">
<a href="/1.5/testing/basic.html">
Basic
</a>
</li>
</ul>
</section>
<section>
<h3>Deploy</h3>
<ul>
<li class="active">
<a href="/1.5/deploy/nginx.html">
Nginx
</a>
</li>
<li class="">
<a href="/1.5/deploy/supervisor.html">
Supervisor
</a>
</li>
</ul>
</section>
<section>
<h3>Version (1.5)</h3>
<ul>
<li class="">
<a href="/1.5/switch/1_5.html">
1.5
</a>
</li>
<li class="">
<a href="/1.5/switch/2_0.html">
2.0
</a>
</li>
</ul>
</section>
</div>
</nav>
<main>
<a href="https://github.com/vapor/documentation/blob/master/CONTRIBUTING.md" class="edit">✎ Edit on GitHub</a>
<h1 id="deploying-with-nginx">Deploying with Nginx</h1>
<p>Nginx is an extremely fast, battle tested, and easy-to-configure HTTP server and proxy. While Vapor supports directly serving HTTP requests with or without TLS, proxying behind Nginx can provide increased performance, security, and ease-of-use. </p>
<blockquote>
<p>Note: We recommend proxying Vapor HTTP servers behind Nginx.</p>
</blockquote>
<h2 id="overview">Overview</h2>
<p>What does it mean to proxy an HTTP server? In short, a proxy acts as a middleman between the public internet and your HTTP server. Requests come to the proxy and then it sends them to Vapor. </p>
<p>An important feature of this middleman proxy is that it can alter or even redirect the requests. For instance, the proxy can require that the client use TLS (https), rate limit requests, or even serve public files without talking to your Vapor application.</p>
<p><img src="https://cloud.githubusercontent.com/assets/1342803/20184965/5d9d588a-a738-11e6-91fe-28c3a4f7e46b.png" alt="nginx-proxy" /></p>
<h3 id="more-detail">More Detail</h3>
<p>The default port for receiving HTTP requests is port <code>80</code> (and <code>443</code> for HTTPS). When you bind a Vapor server to port <code>80</code>, it will directly receive and respond to the HTTP requests that come to your server. When adding a proxy like Nginx, you bind Vapor to an internal port, like port <code>8080</code>. </p>
<blockquote>
<p>Note: Ports greater than 1024 do not require <code>sudo</code> to bind.</p>
</blockquote>
<p>When Vapor is bound to a port besides <code>80</code> or <code>443</code>, it will not be accessible to the outside internet. You then bind Nginx to port <code>80</code> and configure it to route requests to your Vapor server bound at port <code>8080</code> (or whichever port you've chosen).</p>
<p>And that's it. If Nginx is properly configured, you will see your Vapor app responding to requests on port <code>80</code>. Nginx proxies the requests and responses invisibly.</p>
<h2 id="install-nginx">Install Nginx</h2>
<p>The first step is installing Nginx. One of the great parts of Nginx is the tremendous amount of community resources and documentation surrounding it. Because of this, we will not go into great detail here about installing Nginx as there is almost definitely a tutorial for your specific platform, OS, and provider.</p>
<p>Tutorials:</p>
<ul>
<li><a href="https://www.digitalocean.com/community/tutorials/how-to-install-nginx-on-ubuntu-14-04-lts">How To Install Nginx on Ubuntu 14.04 LTS</a></li>
<li><a href="https://www.digitalocean.com/community/tutorials/how-to-install-nginx-on-ubuntu-16-04">How To Install Nginx on Ubuntu 16.04</a></li>
<li><a href="https://blog.codeship.com/how-to-deploy-nginx-on-heroku/">How to Deploy Nginx on Heroku</a></li>
<li><a href="https://www.digitalocean.com/community/tutorials/how-to-run-nginx-in-a-docker-container-on-ubuntu-14-04">How To Run Nginx in a Docker Container on Ubuntu 14.04</a></li>
</ul>
<h3 id="apt">APT</h3>
<p>Nginx can be installed through APT.</p>
<pre><code class="language-sh">sudo apt-get update
sudo apt-get install nginx</code></pre>
<p>Check whether Nginx was installed correctly by visiting your server's IP address in a browser</p>
<pre><code class="language-sh">http://server_domain_name_or_IP</code></pre>
<h3 id="service">Service</h3>
<p>Ther service an be started or stopped.</p>
<pre><code class="language-sh">sudo service nginx stop
sudo service nginx start
sudo service nginx restart</code></pre>
<h2 id="booting-vapor">Booting Vapor</h2>
<p>Nginx can be started an stopped with the <code>sudo service nginx ...</code> commands. You will need something similar to start and stop your Vapor server.</p>
<p>There are many ways to do this, and they depend on which platform you are deploying to. Check out the <a href="supervisor.html">Supervisor</a> instructions to add commands for starting and stopping your Vapor app.</p>
<h2 id="configure-proxy">Configure Proxy</h2>
<p>The configuration files for enabled sites can be found in <code>/etc/nginx/sites-enabled/</code>.</p>
<p>Create a new file or copy the example template from <code>/etc/nginx/sites-available/</code> to get started.</p>
<p>Here is an example configuration file for a Vapor project called <code>Hello</code> in the home directory.</p>
<pre><code class="language-sh">server {
server_name hello.com;
listen 80;
root /home/vapor/Hello/Public/;
location @proxy {
proxy_pass http://127.0.0.1:8080;
proxy_pass_header Server;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass_header Server;
proxy_connect_timeout 3s;
proxy_read_timeout 10s;
}
}</code></pre>
<p>This configuration file assumes the <code>Hello</code> project binds to port <code>8080</code> when started in production mode.</p>
<h3 id="serving-files">Serving Files</h3>
<p>Nginx can also serve public files without asking your Vapor app. This can improve performance by freeing up the Vapor process for other tasks under heavy load.</p>
<pre><code class="language-sh">server {
...
# Serve all public/static files via nginx and then fallback to Vapor for the rest
try_files $uri @proxy;
location @proxy {
...
}
}</code></pre>
<h3 id="tls">TLS</h3>
<p>Adding TLS is relatively straightforward as long as the certificates have been properly generated. To generate TLS certificates for free, check out <a href="https://letsencrypt.org/getting-started/">Let's Encrypt</a>.</p>
<pre><code class="language-sh">server {
...
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/hello.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/hello.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_stapling on;
ssl_stapling_verify on;
add_header Strict-Transport-Security max-age=15768000;
...
location @proxy {
...
}
}</code></pre>
<p>The configuration above are the relatively strict settings for TLS with Nginx. Some of the settings here are not required, but enhance security.</p>
</main>
<script src="//code.jquery.com/jquery-1.11.0.min.js"></script>
<script src="/1.5/scripts/highlight.pack.js"></script>
<script>
hljs.registerLanguage("leaf", function (hljs) {
/* Author: Hale Chan <halechan@qq.com> */
return {
c: [
{
cN: 'function',
b: '#+',
e: '[)] ',
rB: true,
eE: false,
c : [
{
b: '[(]',
e: '[)]',
eE: true,
c: [
{
cN: 'string',
b: '"',
e: '"'
},
{
cN: 'title',
b: '[A-Za-z_][A-Za-z_0-9]*'
}
]
},
{
cN: 'keyword',
b: '#+([A-Za-z$_][0-9A-Za-z$_]*)?',
eP: true
},
]
}
]
};
});
</script>
<script>
$(function() {
// Syntax highlighting
hljs.initHighlightingOnLoad();
if (navigator.userAgent.indexOf('Safari') != -1 && navigator.userAgent.indexOf('Chrome') == -1) {
$('body').addClass('safari');
}
$('h1, h2, h3, h4, h5, h6').each(function(key, item) {
var $item = $(item);
var id = $item.attr('id');
if (id) {
var link = $('<a>');
link.attr('href', '#' + id);
$item.wrap(link);
}
})
$('a.toggle').on('click', function(e){
e.preventDefault();
console.log('hi');
var body = $('body');
if (body.hasClass('toggled')) {
body.removeClass('toggled');
} else {
body.addClass('toggled');
}
})
var lastScroll = 0;
var isUp = false;
var win = $(window);
win.on('scroll', function(){
var scrollTop = win.scrollTop();
var scrollBottom = win.scrollTop() + win.height();
var docHeight = $(document).height();
if ( scrollTop < 0 || scrollBottom >= docHeight ){
return;
}
if (scrollTop > (lastScroll + 0) && scrollTop >= 0) {
if (!isUp) {
$('a.toggle.show').addClass('hide')
}
isUp = true;
lastScroll = scrollTop;
} else if (scrollTop < (lastScroll - 0)) {
if (isUp) {
$('a.toggle.show').removeClass('hide')
}
isUp = false;
lastScroll = scrollTop;
}
});
// scroll to the active nav item
$("nav .scroll").animate({
scrollTop: $("nav .active").offset().top - 157
}, 0);
// var lastScrollTop = 0;
// $(window).scroll(function(event){
// var st = $(this).scrollTop();
// if (st > lastScrollTop){
// $('a.toggle.show').addClass('hide')
// } else {
// $('a.toggle.show').removeClass('hide')
// }
// lastScrollTop = st;
// });
});
</script>
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','https://www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-76177358-4', 'auto');
ga('send', 'pageview');
</script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink