Nginx as a Reverse Proxy - webbukkit/dynmap GitHub Wiki
If you'd like to use Nginx to HTTPS Dynmap's connection, omit Dynmap's port, or use your own domain instead of the IP then:
- Install Nginx. It is best to look up how to do this bit, but for Unbuntu people it's
sudo apt install nginx
. - Turn Nginx on and set to start at launch:
sudo systemctl start nginx
sudo systemctl enable nginx
- Go to Nginx's configuration file
cd /etc/nginx/sites-available/
and open the default config filesudo vi default
. - Replace it's contents with:
server {
server_name <domain.com>
listen 80;
location / {
proxy_pass http://localhost:8123/;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
- Click
i
to start editing the file,esc
to stop editing, then:x
to save and exit the file.:q
to exit, and:q!
to exit without saving. - If you have your own domain then replace
<domain.com>
with your own domain otherwise omit the line from the config. If you put your own domain here then Dynmap will only respond to people who go through the domain and not the IP.
- Test the changes to the config you've made
sudo service nginx configtest
. - And if you get no errors then restart Nginx
sudo service nginx restart
. - At this point the port can be omitted when using the link. If you added your own domain to the config then make sure you've gone to your domains DNS settings and added an
A
record with host@
and pointed to the server's IP.- Make sure port 80 is open in the firewall (and port forwarded on the router if applicable).
- Now to HTTPS your connection go to CertBot, select Nginx as the software, and select your OS in the system drop-down menu. Their website will provide you with a step by step guide on how to HTTPS your Nginx Reverse Proxy.
- Make sure port 443 is open in the firewall (and port forwarded on the router if applicable).
Note: Nginx as a Reverse Proxy should be run on the same machine that Dynmap is running on. If this is not possible for you then you can consider using an external web server instead.