summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--README.md1
-rw-r--r--nginx/prism.tylerhoang.xyz.conf53
2 files changed, 54 insertions, 0 deletions
diff --git a/README.md b/README.md
index d41c8d6..41ee1b4 100644
--- a/README.md
+++ b/README.md
@@ -26,6 +26,7 @@ The implementation copies and adapts finance logic from Prism v1 into `backend/`
- `types/api.ts` shared frontend response types
- `scripts/stack.sh` unified start/stop/restart/status script
- `systemd/` systemd unit files for running as a system service
+- `nginx/` nginx server block config (proxies `/api/` to backend, `/` to frontend)
- `.env.example` optional environment variables
- `pytest.ini` backend pytest import path config
diff --git a/nginx/prism.tylerhoang.xyz.conf b/nginx/prism.tylerhoang.xyz.conf
new file mode 100644
index 0000000..c19183d
--- /dev/null
+++ b/nginx/prism.tylerhoang.xyz.conf
@@ -0,0 +1,53 @@
+server {
+ server_name prism.tylerhoang.xyz;
+
+ access_log /var/log/nginx/prism.tylerhoang.xyz.access.log;
+ error_log /var/log/nginx/prism.tylerhoang.xyz.error.log;
+
+ location /api/ {
+ proxy_pass http://127.0.0.1:8001/api/;
+ proxy_http_version 1.1;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ }
+
+ location / {
+ proxy_pass http://127.0.0.1:3001;
+ proxy_http_version 1.1;
+
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ proxy_set_header X-Forwarded-Host $host;
+ proxy_set_header X-Forwarded-Port $server_port;
+
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection "upgrade";
+
+ proxy_read_timeout 86400;
+ proxy_send_timeout 86400;
+ proxy_buffering off;
+ }
+
+ listen 443 ssl; # managed by Certbot
+ listen [::]:443 ssl; # managed by Certbot
+ ssl_certificate /etc/letsencrypt/live/prism.tylerhoang.xyz/fullchain.pem; # managed by Certbot
+ ssl_certificate_key /etc/letsencrypt/live/prism.tylerhoang.xyz/privkey.pem; # managed by Certbot
+ include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+ ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+}
+
+server {
+ if ($host = prism.tylerhoang.xyz) {
+ return 301 https://$host$request_uri;
+ } # managed by Certbot
+
+ server_name prism.tylerhoang.xyz;
+
+ listen [::]:80;
+ listen 80;
+ return 404; # managed by Certbot
+}
generated by cgit v1.3-2-g0d8e (git 2.53.0) at 2026-06-05 03:50:41 +0000