Permalink
Browse files

update documentation for nginx

  • Loading branch information...
1 parent 91a07ef commit 8067f9375ae1dad0456a7e3e745d2118822efe25 @lloyd lloyd committed Sep 22, 2013
Showing with 19 additions and 16 deletions.
  1. +9 −10 doc/HOW_DO_I.md
  2. +9 −5 doc/SERVER_LAYOUT.md
  3. +1 −1 doc/TUTORIAL.md
View
@@ -78,7 +78,7 @@ SSL credentials thusly:
$ scp myprivatekey.pem proxy@[ip address]:key.pem
$ scp mycert.pem proxy@[ip address]:cert.pem
- $ ssh proxy@[ip address] 'forever restartall'
+ $ ssh ec2-user@[ip address] '/etc/init.d/nginx restart'
Note that if you procure an SSL certificate from someone other than
one of the root authorities (which in the ephemeral world of awsbox is
@@ -109,29 +109,28 @@ In the end, your `cert.pem` file should read like:
At creation time you can pass `--ssl=disable` to create the instance with SSL
disabled.
-Post creation, you can SSH in as the proxy user, and update config.json to contain:
+Post creation, you can SSH in as the proxy user, and remove the SSL nginx
+configuration in `~proxy/conf.d/https.conf`
- { "ssl": "disable" }
-
-Then restart the proxy with `forever restartall`.
+Then restart the proxy.
## How Do I Force Connections to use SSL?
You can always use HTTP headers (Strict-Transport-Security), but even then, a user's
first request will not be encrypted. To cause all HTTP traffic to be redirected
-to HTTPS, you can SSH in as the proxy user and update config.json to contain:
+to HTTPS, you can SSH in as the proxy user and re-configure nginx.
- { "ssl": "force" }
+ mv conf.d/https_redirect.conf.disabled conf.d/https.conf
-Then restart the proxy with `forever restartall`.
+Then restart the proxy.
## How Do I Use WebSockets?
-Because we use [http-proxy] for HTTP forwarding, it should Just Work. Have a look at the
+Because we use nginx > 1.3 for HTTP forwarding, it will Just Work. Have a look at the
[socket.io example] for a tiny focused example which uses WebSockets via the excellent
socket.io library.
- [http-proxy]: https://github.com/nodejitsu/node-http-proxy
+ [nginx]: http://nginx.com/news/nginx-websockets/
[socket.io example]: https://github.com/lloyd/awsbox-socketio-example
## How Do I Install Software?
View
@@ -35,19 +35,23 @@ creating custom template images.
## The 'proxy' user
-The 'proxy' user is whom a node.js http-proxy bound on ports 80 and 443
-is run that forwards requests to your locally bound nodejs application.
+The 'proxy' user is where nginx configuration and log files reside. nginx
+is bound on ports 80 and 443 (depending on config) and forwards traffic
+to your application.
-You may scp/ssh in as the proxy user to modify SSL credentials and/or restart
-the proxy server using forever. The following files are interesting:
+You may scp/ssh in as the proxy user to modify SSL credentials or nginx
+configuration. The following files are interesting:
* `key.pem` - PEM encoded SSL private key for the server
* `cert.pem` - PEM encoded SSL certificate for the server.
* `gen_self_signed.sh` - the script that generates the former two items
- * `proxy_server.js` - The actual javascript code for the HTTP proxy
* `config.json` - A tiny JSON config file which can change the SSL
behavior of the proxy.
+## Restarting the proxy
+
+ ssh ec2-user@<ip> "sudo /etc/init.d/nginx restart"
+
## Installed/Running software
Write me.
View
@@ -22,7 +22,7 @@ environment variables.
}
You need to add this manually to `package.json` if you skipped the `--save-dev` argument in in step 0 above.
-
+
**5.** set up your server to bind localhost and defer to the environment for PORT
app.listen(process.env['PORT'] || 3000, '127.0.0.1');

0 comments on commit 8067f93

Please sign in to comment.