# Setup HTTPS on NGINX This documentation provide configuration below. It's using Nginx as web server, offload the SSL traffic, and proxy request to CodiMD backend. ## Configuration Example ``` # setup a upstream point to CodiMD server upstream @codimd { server 127.0.0.1:3000; keepalive 300; } # for socket.io (http upgrade) map $http_upgrade $connection_upgrade { default upgrade; '' close; } # redirect all http traffic to https server { listen 80; server_name codimd.example.com; return 301 https://$server_name$request_uri; } # https server server { listen 443 ssl http2; server_name codimd.example.com; # setup certificate ssl_certificate /etc/ssl/codimd.example.com.full.crt; ssl_certificate_key /etc/ssl/codimd.example.com.key; location / { proxy_http_version 1.1; # set header for proxy protocol proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; # setup for image upload client_max_body_size 8192m; # adjust proxy buffer setting proxy_buffers 8 32k; proxy_buffer_size 32k; proxy_busy_buffers_size 64k; proxy_max_temp_file_size 8192m; proxy_read_timeout 300; proxy_connect_timeout 300; proxy_pass http://@codimd; } } ```