What is nginx
Why use it
For me, the biggest motivation is as an SSL termination point. With LetsEncrypt offering free certificates, SSL is a no-brainer, even for weekend projects. It sucks setting it up over and over and over again (even though it’s WAY easier than a couple years ago). I have one domain that I use as a staging area while I’m playing around with various ideas. Rather than set up SSL certificates for the various servers running on that machine, nginx is the SSL termination point which then proxies the requests.
Additionally, nginx is a super fast and simple static file server. If you’re just messing around with this week’s SPA framework, you don’t need an application server at all. This means most of your front end can be delivered as fast as possible, and fast is usually a good thing.
How to use it
First and foremost, there’s a great DigitalOcean tutorial here about deploying NodeJS servers.
One of the common use cases I find myself in is the following:
- I have a client that I want served (HTML, JavaScript, CSS etc)
- I have a server that provides an API, usually exclusively intended for the client
- I don’t really want the client and the server to be directly aware of one-another
With that in mind, for the hostname example.ca I would create /etc/nginx/sites-available/example.ca with something like the following content:
| server { | |
| listen 80; | |
| listen [::]:80; | |
| server_name example.ca http://www.example.ca; | |
| location / { | |
| root /home/toby/client; | |
| index index.html | |
| try_files $uri $uri/ /index.html; | |
| } | |
| location /api/ { | |
| proxy_set_header X-Real-IP $remote_addr; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| proxy_set_header Host $http_host; | |
| proxy_set_header X-NginX-Proxy true; | |
| proxy_pass http://127.0.0.1:3000/; | |
| proxy_redirect off; | |
| proxy_http_version 1.1; | |
| proxy_set_header Upgrade $http_upgrade; | |
| proxy_set_header Connection "upgrade"; | |
| proxy_redirect off; | |
| } | |
| listen 443 ssl; # managed by Certbot | |
| ssl_certificate /etc/letsencrypt/live/example.ca/fullchain.pem; # managed by Certbot | |
| ssl_certificate_key /etc/letsencrypt/live/example.ca/privkey.pem; # managed by Certbot | |
| include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot | |
| if ($scheme != "https") { | |
| return 301 https://$host$request_uri; | |
| } # managed by Certbot | |
| } |
What does this mean?
For the most part, I have no idea. I imagine I copy/pasted it off a StackOverflow answer at some point. I’ll look it up when I have time.
nginx will be listening on port 80, and if someone comes knocking at the root path / it will try and serve up the client files that live in /home/toby/client (favicon, HTML, css, JavaScript etc).
If someone makes a request prefixed by /api/, the request is rewritten to strip off that prefix (so https://example.ca/api/endpoint/test would turn into http://127.0.0.1:3000/endpoint/test) and proxied off to an Express server that is running on port 3000 (in this example).
Line 27 and on are all EFF’s Certbot‘s doing.
Is it NGINX, nginx, or Nginx?
I think nginx is the original form [citation needed], Nginx Inc. is the name of the company that backs it, and NGINX is the logo and modern “marketing” name. From that perspective, the software is likely most correctly referred to as NGINX, but practically speaking my impression is most people use nginx. Probably could be clearer…
