Mercurial > hg > digilib

changeset 1643:31e259b64e26

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Merge pull request #3 from funkyfuture/docs Docs: nginx as proxy
author Robert Casties <casties@mpiwg-berlin.mpg.de>
date Thu, 17 Aug 2017 16:06:00 -0400
parents 3972535c1146 (current diff) b924f480326e (diff)
children 42a0af95a73c
files
diffstat 1 files changed, 38 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/doc/src/site/markdown/deployment.md	Thu Aug 17 16:06:00 2017 -0400
@@ -0,0 +1,38 @@
+# Deploying digilib
+
+There are a variety of ways to deploy digilib on different server setups.
+
+## nginx as proxy
+
+This is an example configuration for `nginx` as a proxy for a single instance
+of digilib (listening on port `8080`) that handles transport encryption and
+restricts access to sensitive data to the gateway of a local network
+(`1.2.3.4`).
+
+```nginx
+server {
+    listen 443 ssl http2;
+    listen [::]:443 ssl http2;
+    server_name digilib.example.org;
+
+    # this certificate chain shall *not* include the root certificate:
+    ssl_certificate /etc/ssl/certs/digilib.example.org.pem;
+    ssl_certificate_key /etc/ssl/private/digilib.example.org.key;
+
+    include /etc/nginx/proxy_params;
+
+    location ~* .*/(dlConfig|dlRequest).jsp$ {
+        allow 1.2.3.4;
+        deny all;
+        proxy_pass http://localhost:8080;
+    }
+
+    location / {
+        proxy_pass http://localhost:8080;
+    }
+}
+```
+
+## Resources
+
+- the [nginx documentation](nginx.org/en/docs/)