This page contains various Nginx configurations ready to use for you convenience.
Linux configurations are suitable for all Linux OS (Debian, Ubuntu, Centos, Rhel, etc.).
Windows configs are only for Windows servers, as Nginx on Windows does not support image-filter module, so there will be no image previews, and that's why configs are different.
HTTP configs are used for non-secure connections.
HTTPS configs are used if you have SSL. You will need certificate and private key. For HTTPS configs you also typically add a redirector config file (ar add a redirector as a part of the existing config), so that people accessing HTTP will automatically be redirected to HTTPS.
3 domains configs (recommended) are used when you have a separate domain for each of the services (Admin panel, UI and API server link)
1 domain configs (not recommended, but also used) - instead of separate domains, API, panel and UI are subdirectories.
In the configurations you can see the following variables. You need to edit the configs yourself and replace the variables with the actual values you use.
${api.domain} = domain for API server;
${panel.domain} = domain for Admin panel;
${ui.domain} = domain for User interface;
${base.domain} = basic for use in configurations with 1 domain;
${ssl_cert_path} = path to certificate file;
${ssl_key_path} = path to private key file.
If you are going to use SSL, you do not always need to specify the full path to your certificates in Nginx configuration. You can create a subfolder in Nginx directory and place the certificates there. In this case you need to specify in the Nginx configuration only short path: ssl/name.crt and ssl/name.key
For Linux, a path to this directory should be like: /etc/nginx/ssl
For Windows, it should be like: C:\nginx\conf\ssl
Linux
server {
listen 80 default_server; ## listen for ipv4
client_max_body_size 20m;
location /api {
proxy_pass http://127.0.0.1:8084/;
rewrite /api/(.*) /$1 break;
access_log /var/log/nginx/api.access.log;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /api/event {
proxy_pass http://127.0.0.1:8084/event;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_buffering off;
proxy_ignore_client_abort off;
break;
}
location /api/file/upload/ {
proxy_pass http://127.0.0.1:8084/file/upload/;
proxy_send_timeout 5m;
client_max_body_size 16m;
}
location /api/file/dl/ {
proxy_pass http://127.0.0.1:8084/file/dl/;
}
location /api/file/preview/ {
proxy_cache images;
proxy_cache_valid 200 24h;
proxy_pass http://127.0.0.1:18888/file/preview/;
}
location /api/console {
proxy_pass http://127.0.0.1:8383/console;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 1000s;
}
location /panel {
index index.html;
add_header Access-Control-Allow-Origin *;
alias /var/www/panel-v2/;
access_log /var/log/nginx/panel.access.log;
}
location / {
index index.html;
add_header Access-Control-Allow-Origin *;
root /var/www/pro-ui/;
access_log /var/log/nginx/my.access.log;
}
}server {
listen 443 ssl; ## listen for ipv4
# listen [::]:443 default ipv6only=on; ## listen for ipv6
server_name ${base.domain};
client_max_body_size 20m;
ssl_certificate ${ssl_cert_path};
ssl_certificate_key ${ssl_key_path};
# ssl on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
location /api {
access_log /var/log/nginx/api.access.log;
proxy_redirect off;
rewrite /api/(.*) /$1 break;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:8084;
}
location /api/event {
proxy_pass http://127.0.0.1:8084/event;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_buffering off;
proxy_ignore_client_abort off;
break;
}
location /api/console {
proxy_pass http://127.0.0.1:8383/console;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 1000s;
}
location /api/file/upload/ {
proxy_pass http://127.0.0.1:8084/file/upload/;
proxy_send_timeout 5m;
client_max_body_size 16m;
}
location /api/file/dl/ {
proxy_pass http://127.0.0.1:8084/file/dl/;
}
location /api/file/preview/ {
proxy_cache images;
proxy_cache_valid 200 24h;
proxy_pass http://127.0.0.1:18888/file/preview/;
}
location /panel {
index index.html;
add_header Access-Control-Allow-Origin *;
alias /var/www/panel-v2/;
access_log /var/log/nginx/panel.access.log;
}
location / {
index index.html;
add_header Access-Control-Allow-Origin *;
root /var/www/pro-ui/;
access_log /var/log/nginx/my.access.log;
}
location ~ images/\w*\.(png|jpg) {
root /var/www/;
}
}server {
listen 80; ## listen for ipv4
# listen [::]:80 default ipv6only=on; ## listen for ipv6
server_name ${api.domain};
access_log /var/log/nginx/${api.domain}.access.log;
client_max_body_size 20m;
location / {
proxy_pass http://127.0.0.1:8084;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /event {
proxy_pass http://127.0.0.1:8084/event;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_buffering off;
proxy_ignore_client_abort off;
break;
}
location /file/upload/ {
proxy_pass http://127.0.0.1:8084/file/upload/;
proxy_send_timeout 5m;
client_max_body_size 16m;
}
location /file/dl/ {
proxy_pass http://127.0.0.1:8084/file/dl/;
}
location /file/preview/ {
proxy_cache images;
proxy_cache_valid 200 24h;
proxy_pass http://127.0.0.1:18888/file/preview/;
}
}
server {
listen 80; ## listen for ipv4
# listen [::]:80; ## listen for ipv6
server_name ${panel.domain};
access_log /var/log/nginx/${panel.domain}.access.log;
client_max_body_size 20m;
location / {
index index.html;
add_header Access-Control-Allow-Origin *;
root /var/www/panel-v2/;
}
}
server {
listen 80; ## listen for ipv4
# listen [::]:80; ## listen for ipv6
server_name ${ui.domain};
access_log /var/log/nginx/${ui.domain}.access.log;
client_max_body_size 20m;
location / {
index index.html;
add_header Access-Control-Allow-Origin *;
root /var/www/pro-ui/;
}
location ~ images/\w*\.(png|jpg|jpeg) {
root /var/www/;
}
}server {
listen 443 ssl; ## listen for ipv4
# listen [::]:443 default ipv6only=on; ## listen for ipv6
server_name ${api.domain};
access_log /var/log/${api.domain}.access.log;
client_max_body_size 20m;
ssl_certificate ${ssl_cert_path};
ssl_certificate_key ${ssl_key_path};
# ssl on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
location / {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:8084;
}
location /event {
proxy_pass http://127.0.0.1:8084/event;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_buffering off;
proxy_ignore_client_abort off;
break;
}
location /console {
proxy_pass http://127.0.0.1:8383/console;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 1000s;
}
location /file/upload/ {
proxy_pass http://127.0.0.1:8084/file/upload/;
proxy_send_timeout 5m;
client_max_body_size 16m;
}
location /file/dl/ {
proxy_pass http://127.0.0.1:8084/file/dl/;
}
location /file/preview/ {
proxy_cache images;
proxy_cache_valid 200 24h;
proxy_pass http://127.0.0.1:18888/file/preview/;
}
}
server {
listen 443 ssl; ## listen for ipv4
# listen [::]:443; ## listen for ipv6
server_name ${panel.domain};
access_log /var/log/${panel.domain}.access.log;
client_max_body_size 20m;
ssl_certificate ${ssl_cert_path};
ssl_certificate_key ${ssl_key_path};
# ssl on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
location / {
index index.html;
add_header Access-Control-Allow-Origin *;
root /var/www/panel-v2/;
}
}
server {
listen 443 ssl; ## listen for ipv4
# listen [::]:443; ## listen for ipv6
server_name ${ui.domain};
access_log /var/log/${ui.domain}.access.log;
client_max_body_size 20m;
ssl_certificate ${ssl_cert_path};
ssl_certificate_key ${ssl_key_path};
# ssl on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
location / {
index index.html;
add_header Access-Control-Allow-Origin *;
root /var/www/pro-ui/;
}
location ~ images/\w*\.(png|jpg|svg) {
root www/;
}
}Windows
server {
listen 80; ## listen for ipv4
client_max_body_size 20m;
location /api {
proxy_pass http://127.0.0.1:8084/;
rewrite /api/(.*) /$1 break;
access_log logs/api.access.log;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /api/event {
proxy_pass http://127.0.0.1:8084/event;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_buffering off;
proxy_ignore_client_abort off;
break;
}
location /api/file/upload/ {
proxy_pass http://127.0.0.1:8084/file/upload/;
proxy_send_timeout 5m;
client_max_body_size 16m;
}
location /api/file/dl/ {
proxy_pass http://127.0.0.1:8084/file/dl/;
}
location /api/console {
proxy_pass http://127.0.0.1:8383/console;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 1000s;
}
location /panel {
index index.html;
add_header Access-Control-Allow-Origin *;
alias www/panel-v2/;
access_log logs/panel.access.log;
}
location / {
index index.html;
add_header Access-Control-Allow-Origin *;
root www/pro-ui/;
access_log logs/ui.access.log;
}
location ~ images/\w*\.(png|jpg|jpeg) {
root www/;
}
}server {
listen 443 ssl; ## listen for ipv4
# listen [::]:80 default ipv6only=on; ## listen for ipv6
server_name ${base.domain};
client_max_body_size 20m;
ssl_certificate ${ssl_cert_path};
ssl_certificate_key ${ssl_key_path};
# ssl on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
location /api {
proxy_pass http://127.0.0.1:8084;
rewrite /api/(.*) /$1 break;
access_log logs/api.access.log;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /api/event {
proxy_pass http://127.0.0.1:8084/event;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_buffering off;
proxy_ignore_client_abort off;
break;
}
location /api/console {
proxy_pass http://127.0.0.1:8383/console;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 1000s;
}
location /api/file/upload/ {
proxy_pass http://127.0.0.1:8084/file/upload/;
proxy_send_timeout 5m;
client_max_body_size 16m;
}
location /api/file/dl/ {
proxy_pass http://127.0.0.1:8084/file/dl/;
}
location /panel {
index index.html;
add_header Access-Control-Allow-Origin *;
alias www/panel-v2/;
access_log logs/panel.access.log;
}
location / {
index index.html;
add_header Access-Control-Allow-Origin *;
access_log logs/ui.access.log;
root www/pro-ui/;
}
location ~ images/\w*\.(png|jpg|jpeg) {
root www/;
}
}server {
listen 80; ## listen for ipv4
# listen [::]:80 default ipv6only=on; ## listen for ipv6
server_name ${api.domain};
access_log logs/${api.domain}.ssl.access.log;
client_max_body_size 20m;
location / {
proxy_pass http://127.0.0.1:8084;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /event {
proxy_pass http://127.0.0.1:8084/event;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_buffering off;
proxy_ignore_client_abort off;
break;
}
location /console {
proxy_pass http://127.0.0.1:8383/console;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 1000s;
}
location /file/upload/ {
proxy_pass http://127.0.0.1:8084/file/upload/;
proxy_send_timeout 5m;
client_max_body_size 16m;
}
location /file/dl/ {
proxy_pass http://127.0.0.1:8084/file/dl/;
}
}
server {
listen 80; ## listen for ipv4
# listen [::]:80; ## listen for ipv6
server_name ${panel.domain};
access_log logs/${panel.domain}.access.log;
client_max_body_size 20m;
location / {
index index.html;
add_header Access-Control-Allow-Origin *;
root www/panel-v2/;
}
}
server {
listen 80; ## listen for ipv4
# listen [::]:80; ## listen for ipv6
server_name ${ui.domain};
access_log logs/${ui.domain}.access.log;
client_max_body_size 20m;
location / {
index index.html;
add_header Access-Control-Allow-Origin *;
root www/pro-ui/;
}
location ~ images/\w*\.(png|jpg|jpeg) {
root www/;
}
}server {
listen 443 ssl; ## listen for ipv4
# listen [::]:443 default ipv6only=on; ## listen for ipv6
server_name ${api.domain};
access_log logs/${api.domain}.ssl.access.log;
client_max_body_size 20m;
ssl_certificate ${ssl_cert_path};
ssl_certificate_key ${ssl_key_path};
# ssl on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
location / {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:8084;
}
location /event {
proxy_pass http://127.0.0.1:8084/event;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_buffering off;
proxy_ignore_client_abort off;
break;
}
location /console {
proxy_pass http://127.0.0.1:8383/console;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 1000s;
}
location /file/upload/ {
proxy_pass http://127.0.0.1:8084/file/upload/;
proxy_send_timeout 5m;
client_max_body_size 16m;
}
location /file/dl/ {
proxy_pass http://127.0.0.1:8084/file/dl/;
}
}
server {
listen 443 ssl; ## listen for ipv4
# listen [::]:443; ## listen for ipv6
server_name ${panel.domain};
access_log logs/${panel.domain}.ssl.access.log;
client_max_body_size 20m;
ssl_certificate ${ssl_cert_path};
ssl_certificate_key ${ssl_key_path};
# ssl on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
location / {
index index.html;
add_header Access-Control-Allow-Origin *;
root www/panel-v2/;
}
}
server {
listen 443 ssl; ## listen for ipv4
# listen [::]:443; ## listen for ipv6
server_name ${ui.domain};
access_log logs/${ui.domain}.ssl.access.log;
client_max_body_size 20m;
ssl_certificate ${ssl_cert_path};
ssl_certificate_key ${ssl_key_path};
# ssl on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
location / {
index index.html;
add_header Access-Control-Allow-Origin *;
root www/pro-ui/;
}
location ~ images/\w*\.(png|jpg) {
root www/;
}
}HTTP-HTTPS redirector
When you use HTTPS, you may want your users to be able to get to the platform even if they open the address via HTTP. To do this, you need to add an HTTP-HTTPS redirector config. This can either be part of the existing config (just add it to the end), or it can be a separate file located in the same directory.
The redirector works the same for Linux and Windows, the only difference is the number of domains you use.
server {
listen 80;
server_name ${base.domain};
location / {
return 301 https://${base.domain}$request_uri;
}
}server {
listen 80;
server_name ${api.domain};
location / {
return 301 https://${api.domain}$request_uri;
}
}
server {
listen 80;
server_name ${panel.domain};
location / {
return 301 https://${panel.domain}$request_uri;
}
}
server {
listen 80;
server_name ${ui.domain};
location / {
return 301 https://${ui.domain}$request_uri;
}
}