Mercurial > hg > digilib

view doc/src/site/markdown/deployment.md @ 1654:22dd14eccdc0

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Change digilib project links to GitHub.
author Robert Casties <r0bcas7@gmail.com>
date Tue, 14 Nov 2017 18:41:22 +0100
parents b924f480326e
children
line wrap: on
line source

# Deploying digilib

There are a variety of ways to deploy digilib on different server setups.

## nginx as proxy

This is an example configuration for `nginx` as a proxy for a single instance
of digilib (listening on port `8080`) that handles transport encryption and
restricts access to sensitive data to the gateway of a local network
(`1.2.3.4`).

```nginx
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name digilib.example.org;

    # this certificate chain shall *not* include the root certificate:
    ssl_certificate /etc/ssl/certs/digilib.example.org.pem;
    ssl_certificate_key /etc/ssl/private/digilib.example.org.key;

    include /etc/nginx/proxy_params;

    location ~* .*/(dlConfig|dlRequest).jsp$ {
        allow 1.2.3.4;
        deny all;
        proxy_pass http://localhost:8080;
    }

    location / {
        proxy_pass http://localhost:8080;
    }
}
```

## Resources

- the [nginx documentation](nginx.org/en/docs/)