new awesome build

DOCS/General/Nginx_Configuration.md

@@ -0,0 +1,124 @@
+# Nginx Configuration Guide
+
+This guide details how to configure Nginx as a reverse proxy for the OpenVPN Monitor & Profiler application. Nginx is **required** in production to serve the frontend and route API requests to the appropriate backend services.
+
+## Architecture Recap
+
+-   **Frontend (`APP_UI`)**: Static files (HTML, JS, CSS) served from `/var/www/ovpmon` (or similar).
+-   **Core API (`APP_CORE`)**: Python/Flask service running on **127.0.0.1:5001**.
+-   **Profiler API (`APP_PROFILER`)**: Python/FastAPI service running on **127.0.0.1:8000**.
+
+## 1. Alpine Linux Setup
+
+### Installation
+```bash
+apk add nginx
+rc-update add nginx default
+```
+
+### Configuration
+Create a new configuration file (e.g., `/etc/nginx/http.d/ovpmon.conf`).
+
+```nginx
+server {
+    listen 80;
+    server_name your-server-domain.com; # Replace with your IP or Domain
+
+    root /var/www/ovpmon;
+    index index.html;
+
+    # Gzip Compression
+    gzip on;
+    gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
+
+    # 1. Frontend (SPA Routing)
+    location / {
+        try_files $uri $uri/ /index.html;
+    }
+
+    # 2. Core Monitoring API (Flask :5001)
+    # Routes: /api/v1/stats, /api/auth, etc.
+    location /api/v1/ {
+        proxy_pass http://127.0.0.1:5001/api/v1/;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    }
+    location /api/auth/ {
+        proxy_pass http://127.0.0.1:5001/api/auth/;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    }
+
+    # 3. Profiler Management API (FastAPI :8000)
+    # Routes: /api/profiles, /api/config, etc.
+    # Note: We capture /api/ but exclude /api/v1 (handled above)
+    location /api/ {
+        # Ensure this doesn't conflict with /api/v1. Nginx matching order:
+        # Longest prefix matches first. So /api/v1/ wins over /api/.
+        proxy_pass http://127.0.0.1:8000/api/;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    }
+}
+```
+
+### Apply Changes
+```bash
+rc-service nginx restart
+```
+
+---
+
+## 2. Debian / Ubuntu Setup
+
+### Installation
+```bash
+sudo apt update
+sudo apt install nginx
+```
+
+### Configuration
+1.  Create a configuration file in `/etc/nginx/sites-available/ovpmon`:
+    *(Use the same Nginx configuration block provided in the Alpine section above)*
+
+2.  Enable the site:
+    ```bash
+    sudo ln -s /etc/nginx/sites-available/ovpmon /etc/nginx/sites-enabled/
+    sudo rm /etc/nginx/sites-enabled/default  # Optional: Remove default site
+    ```
+
+3.  Test and Restart:
+    ```bash
+    sudo nginx -t
+    sudo systemctl restart nginx
+    ```
+
+---
+
+## 3. Deployment Checklist
+
+1.  **Frontend Build**:
+    Ensure you have built the UI and copied the files to your web root:
+    ```bash
+    cd APP_UI
+    npm run build
+    sudo mkdir -p /var/www/ovpmon
+    sudo cp -r dist/* /var/www/ovpmon/
+    ```
+
+2.  **Permissions**:
+    Ensure Nginx can read the web files:
+    ```bash
+    sudo chown -R nginx:nginx /var/www/ovpmon  # Alpine
+    # OR
+    sudo chown -R www-data:www-data /var/www/ovpmon # Debian/Ubuntu
+    ```
+
+3.  **SELinux (RedHat/CentOS only)**:
+    If using SELinux, allow Nginx to make network connections:
+    ```bash
+    setsebool -P httpd_can_network_connect 1
+    ```