Nginx KonfigurationNginx Configuration

So richtest du Nginx als Reverse Proxy für Financer ein.

How to set up Nginx as a reverse proxy for Financer.

Einfache KonfigurationBasic Configuration

Für eine einfache Self-Hosted-Installation (Single-Tenant) genügt folgende Nginx-Konfiguration:

For a simple self-hosted installation (single-tenant), the following Nginx configuration is sufficient:

server {
    listen 80;
    server_name financer.example.com;

    location / {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_cache_bypass $http_upgrade;
    }
}

SSL mit CertbotSSL with Certbot

Um HTTPS zu aktivieren, installiere Certbot und fordere ein Zertifikat an:

To enable HTTPS, install Certbot and request a certificate:

1. Certbot installieren:

1. Install Certbot:

sudo apt install certbot python3-certbot-nginx

2. Zertifikat anfordern:

2. Get certificate:

sudo certbot --nginx -d financer.example.com

3. Automatische Erneuerung testen:

3. Test auto-renewal:

sudo certbot renew --dry-run

Multi-Tenant (Cloudhost)Multi-Tenant (Cloudhost)

Für ein Multi-Tenant-Setup mit Wildcard-Subdomains verwendest du folgende Konfiguration:

For a multi-tenant setup with wildcard subdomains, use the following configuration:

server {
    listen 443 ssl;
    server_name *.getfinancer.com getfinancer.com;

    ssl_certificate /etc/letsencrypt/live/getfinancer.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/getfinancer.com/privkey.pem;

    location / {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

Hinweis

Wildcard-SSL erfordert DNS-Validierung. Verwende folgenden Befehl:

sudo certbot certonly --manual --preferred-challenges dns -d "*.getfinancer.com" -d "getfinancer.com"

Note

Wildcard SSL requires DNS validation. Use the following command:

sudo certbot certonly --manual --preferred-challenges dns -d "*.getfinancer.com" -d "getfinancer.com"

TippsTips

Setze client_max_body_size in deiner Nginx-Konfiguration, falls du größere Uploads benötigst (z. B. client_max_body_size 10M;).
Aktiviere gzip-Komprimierung für bessere Performance.

Lade Nginx nach Änderungen neu:

sudo nginx -t && sudo systemctl reload nginx

Set client_max_body_size in your Nginx configuration if you need larger uploads (e.g. client_max_body_size 10M;).
Enable gzip compression for better performance.

Reload Nginx after changes:

sudo nginx -t && sudo systemctl reload nginx

← Vorherige Seite← Previous Page

Self-Hosting

Nächste Seite →Next Page →

Admin Panel