diff options
| author | Tyler Hoang <tyler@tylerhoang.xyz> | 2026-05-19 01:24:28 -0700 |
|---|---|---|
| committer | Tyler Hoang <tyler@tylerhoang.xyz> | 2026-05-19 01:24:28 -0700 |
| commit | b50c46d5bdbb1bd5e06a96a66b0696c1145ff4a9 (patch) | |
| tree | d555699c4c8ad46c098032b7e6ac261782257b9c /nginx | |
| parent | 1b9d8f85d5c703106c78548ed1898adea078fab0 (diff) | |
feat: add nginx config with /api/ proxy block for VPS deployment
Routes /api/ to the FastAPI backend (8001) so NEXT_PUBLIC_API_BASE_URL
can be set to the public domain instead of localhost.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Diffstat (limited to 'nginx')
| -rw-r--r-- | nginx/prism.tylerhoang.xyz.conf | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/nginx/prism.tylerhoang.xyz.conf b/nginx/prism.tylerhoang.xyz.conf new file mode 100644 index 0000000..c19183d --- /dev/null +++ b/nginx/prism.tylerhoang.xyz.conf @@ -0,0 +1,53 @@ +server { + server_name prism.tylerhoang.xyz; + + access_log /var/log/nginx/prism.tylerhoang.xyz.access.log; + error_log /var/log/nginx/prism.tylerhoang.xyz.error.log; + + location /api/ { + proxy_pass http://127.0.0.1:8001/api/; + proxy_http_version 1.1; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + + location / { + proxy_pass http://127.0.0.1:3001; + proxy_http_version 1.1; + + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Port $server_port; + + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + + proxy_read_timeout 86400; + proxy_send_timeout 86400; + proxy_buffering off; + } + + listen 443 ssl; # managed by Certbot + listen [::]:443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/prism.tylerhoang.xyz/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/prism.tylerhoang.xyz/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot +} + +server { + if ($host = prism.tylerhoang.xyz) { + return 301 https://$host$request_uri; + } # managed by Certbot + + server_name prism.tylerhoang.xyz; + + listen [::]:80; + listen 80; + return 404; # managed by Certbot +} |