Skip to content

Setup Nginx on Google Cloud

Jump to bottom Edit New page
Pulkit Singhal edited this page Aug 21, 2015 · 23 revisions

Setup Nginx

Install Nginx

  1. Update apt

sudo apt-get update ```

  1. Install nginx

sudo apt-get install nginx ```

Install SSL-Certificate

  1. Get SSL-Certificate from provider.
  • DNSimple: Domains > drill down into your domain > Domain tab on left side > SSL Certificates header > drill down into your certificate > Certificate section > Install the SSL certificate > Enjoy the crisp / clear instructions
  1. Save .key and .pem in server

  • You may choose to use either /etc/nginx/ssl or /etc/ssl

  • Example:

on the SSH terminal for your gcloud machine

$ tree -L 1 /etc/ssl /etc/ssl ├── certs ├── openssl.cnf └── private

on the SSH terminal for your local machine

$ gcloud compute instances list $ gcloud compute copy-files ~/Downloads/MY_DOMAIN.key root@INSTANCE_NAME:/home/myUsername --zone INSTANCE_ZONE $ gcloud compute copy-files ~/Downloads/MY_DOMAIN.pem root@INSTANCE_NAME:/home/myUsername --zone INSTANCE_ZONE

on the SSH terminal for your gcloud machine

$ tree -L 1 /etc/ssl /etc/ssl ├── certs ├── openssl.cnf ├── private ├── MY_DOMAIN_COM.key └── MY_DOMAIN_COM.pem $ ls -alrt /etc/ssl/ -rw-r----- 1 root root 7539 MY_DOMAIN_COM.pem -rw-r----- 1 root root 1675 MY_DOMAIN_COM.key ```

  1. Add a new virtual host or edit default

  2. Redirect http traffic to https

    server {
    listen 80;
    return 301 https://$host$request_uri;
}

  3. Add ssl certificate

    server {

  listen   443;

  ssl on;
      ssl_certificate /etc/nginx/ssl/<CERTIFICATE_PEM>;
      ssl_certificate_key /etc/nginx/ssl/<CERTIFICATE_KEY>;

  server_name <DOMAIN_NAME>;
  #Redirect application port to https
  location / {

      proxy_set_header        Host $host;
      proxy_set_header        X-Real-IP $remote_addr;
      proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header        X-Forwarded-Proto $scheme;

      # Fix the “It appears that your reverse proxy set up is broken" error.
      proxy_pass          http://localhost:<APPLICATION_PORT>;
      proxy_read_timeout  90;
      proxy_redirect      http://localhost:<APPLICATION_PORT> https://<DOMAIN_NAME>;
   }
}

  4. If you have never configured your nginx for anything at all before and you just want a sample that you can replace/override:

  5. cp /etc/nginx/sites-available/default /etc/nginx/sites-available/default.backup

  6. vi /etc/nginx/sites-available/default (still requires substitutions based on your setup)

```

server { listen 80; return 301 https://$host$request_uri; } server { listen 443; ssl on; ssl_certificate /etc/nginx/ssl/MY_domain_com.pem; ssl_certificate_key /etc/nginx/ssl/MY_domain_com.key; server_name mySubDomainName.domain.com; location / { proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_connect_timeout 600; proxy_read_timeout 1200; proxy_send_timeout 600; send_timeout 600; # Fix the "It appears that your reverse proxy set up is broken" error. proxy_pass http://localhost:1337; proxy_redirect http://localhost:1337 https://mySubDomainName.domain.com; } } ```

  1. Restart nginx

/etc/init.d/nginx restart ```

Troubleshoot Nginx

  1. All the files should be easily listable: ls -alrt /etc/nginx/
  2. Have a peek at cat /etc/nginx/sites-available/default to make sure that all is as you think it should be
  3. You can also peek at cat /etc/nginx/nginx.conf to see where the log files for nginx go:
  4. /var/log/nginx/access.log
  5. /var/log/nginx/error.log
  6. and tail or less those files if needed for troubleshooting
Add a custom footer

Clone this wiki locally