ayurishchev/OpenVPN-Monitoring-Simple
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4bd4127bb5499374c44e06c3a10755acf62663d1
OpenVPN-Monitoring-Simple/DOCS/General/Nginx_Configuration.md
Антон fcb8f6bac7 new awesome build
2026-01-28 22:37:47 +03:00

125 lines
3.5 KiB
Markdown
Raw Blame History

# Nginx Configuration Guide
This guide details how to configure Nginx as a reverse proxy for the OpenVPN Monitor & Profiler application. Nginx is **required** in production to serve the frontend and route API requests to the appropriate backend services.
## Architecture Recap
- **Frontend (`APP_UI`)**: Static files (HTML, JS, CSS) served from `/var/www/ovpmon` (or similar).
- **Core API (`APP_CORE`)**: Python/Flask service running on **127.0.0.1:5001**.
- **Profiler API (`APP_PROFILER`)**: Python/FastAPI service running on **127.0.0.1:8000**.
## 1. Alpine Linux Setup
### Installation
```bash
apk add nginx
rc-update add nginx default
```
### Configuration
Create a new configuration file (e.g., `/etc/nginx/http.d/ovpmon.conf`).
```nginx
server {
listen 80;
server_name your-server-domain.com; # Replace with your IP or Domain
root /var/www/ovpmon;
index index.html;
# Gzip Compression
gzip on;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
# 1. Frontend (SPA Routing)
location / {
try_files $uri $uri/ /index.html;
}
# 2. Core Monitoring API (Flask :5001)
# Routes: /api/v1/stats, /api/auth, etc.
location /api/v1/ {
proxy_pass http://127.0.0.1:5001/api/v1/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /api/auth/ {
proxy_pass http://127.0.0.1:5001/api/auth/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
# 3. Profiler Management API (FastAPI :8000)
# Routes: /api/profiles, /api/config, etc.
# Note: We capture /api/ but exclude /api/v1 (handled above)
location /api/ {
# Ensure this doesn't conflict with /api/v1. Nginx matching order:
# Longest prefix matches first. So /api/v1/ wins over /api/.
proxy_pass http://127.0.0.1:8000/api/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
```
### Apply Changes
```bash
rc-service nginx restart
```
---
## 2. Debian / Ubuntu Setup
### Installation
```bash
sudo apt update
sudo apt install nginx
```
### Configuration
1. Create a configuration file in `/etc/nginx/sites-available/ovpmon`:
*(Use the same Nginx configuration block provided in the Alpine section above)*
2. Enable the site:
```bash
sudo ln -s /etc/nginx/sites-available/ovpmon /etc/nginx/sites-enabled/
sudo rm /etc/nginx/sites-enabled/default # Optional: Remove default site
```
3. Test and Restart:
```bash
sudo nginx -t
sudo systemctl restart nginx
```
---
## 3. Deployment Checklist
1. **Frontend Build**:
Ensure you have built the UI and copied the files to your web root:
```bash
cd APP_UI
npm run build
sudo mkdir -p /var/www/ovpmon
sudo cp -r dist/* /var/www/ovpmon/
```
2. **Permissions**:
Ensure Nginx can read the web files:
```bash
sudo chown -R nginx:nginx /var/www/ovpmon # Alpine
# OR
sudo chown -R www-data:www-data /var/www/ovpmon # Debian/Ubuntu
```
3. **SELinux (RedHat/CentOS only)**:
If using SELinux, allow Nginx to make network connections:
```bash
setsebool -P httpd_can_network_connect 1
```
Reference in New Issue View Git Blame Copy Permalink