doc/guide: Improve nginx docs (#1902)

Made it a full alternative to caddy, just so we don't ever have to explain how to configure Nginx again.
This commit is contained in:
Anmol Sethi 2020-07-22 16:05:21 -04:00
parent 3764d296c6
commit bc78e16146
No known key found for this signature in database
GPG Key ID: 8CEF1878FF10ADEB

View File

@ -10,6 +10,7 @@
- [SSH forwarding](#ssh-forwarding)
- [Let's Encrypt](#lets-encrypt)
- [Self Signed Certificate](#self-signed-certificate)
- [NGINX](#nginx)
- [Change the password?](#change-the-password)
- [How do I securely access development web services?](#how-do-i-securely-access-development-web-services)
@ -193,6 +194,8 @@ mydomain.com
reverse_proxy 127.0.0.1:8080
```
Remember to replace `mydomain.com` with your domain name!
5. Reload caddy with:
```bash
@ -204,6 +207,48 @@ Visit `https://<your-domain-name>` to access `code-server`. Congratulations!
In a future release we plan to integrate Let's Encrypt directly with `code-server` to avoid
the dependency on caddy.
#### NGINX
If you prefer to use NGINX instead of Caddy then please follow steps 1-2 above and then:
3. Install `nginx`:
```bash
sudo apt update
sudo apt install -y nginx certbot python-certbot-nginx
```
4. Put the following config into `/etc/nginx/sites-available/code-server` with sudo:
```nginx
server {
listen 80;
listen [::]:80;
server_name mydomain.com;
location / {
proxy_pass http://localhost:8080/;
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection upgrade;
proxy_set_header Accept-Encoding gzip;
}
}
```
Remember to replace `mydomain.com` with your domain name!
5. Enable the config:
```bash
sudo ln -s ../sites-available/code-server /etc/nginx/sites-enabled/code-server
sudo certbot --non-interactive --redirect --agree-tos --nginx -d mydomain.com -m me@example.com
```
Make sure to substitute `me@example.com` with your actual email.
Visit `https://<your-domain-name>` to access `code-server`. Congratulations!
### Self Signed Certificate
**note:** Self signed certificates do not work with iPad and will cause a blank page. You'll
@ -244,29 +289,6 @@ To avoid the warnings, you can use [mkcert](https://mkcert.dev) to create a self
trusted by your OS and then pass it into `code-server` via the `cert` and `cert-key` config
fields.
### Nginx reverse proxy
If you prefer to use Nginx instead of Caddy here is a sample config (put e.g. in
`/etc/nginx/sites-enabled/code-server`):
```nginx
server {
listen 80 [::]:80;
server_name your-domain-name-here.com;
location / {
proxy_pass http://127.0.0.1:8080/;
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection upgrade;
proxy_set_header Accept-Encoding gzip;
}
}
```
It's highly recommended to set up a LetsEncrypt certificate and HTTP->HTTPS redirect as well.
In order to do this run `certbot --nginx -d your-domain-name-here.com`.
### Change the password?
Edit the `password` field in the `code-server` config file at `~/.config/code-server/config.yaml`