From bc78e16146f67e2531aba91b8c7260357ba61194 Mon Sep 17 00:00:00 2001 From: Anmol Sethi Date: Wed, 22 Jul 2020 16:05:21 -0400 Subject: [PATCH] doc/guide: Improve nginx docs (#1902) Made it a full alternative to caddy, just so we don't ever have to explain how to configure Nginx again. --- doc/guide.md | 68 ++++++++++++++++++++++++++++++++++------------------ 1 file changed, 45 insertions(+), 23 deletions(-) diff --git a/doc/guide.md b/doc/guide.md index ba47811a..522e4cef 100644 --- a/doc/guide.md +++ b/doc/guide.md @@ -10,6 +10,7 @@ - [SSH forwarding](#ssh-forwarding) - [Let's Encrypt](#lets-encrypt) - [Self Signed Certificate](#self-signed-certificate) + - [NGINX](#nginx) - [Change the password?](#change-the-password) - [How do I securely access development web services?](#how-do-i-securely-access-development-web-services) @@ -193,6 +194,8 @@ mydomain.com reverse_proxy 127.0.0.1:8080 ``` +Remember to replace `mydomain.com` with your domain name! + 5. Reload caddy with: ```bash @@ -204,6 +207,48 @@ Visit `https://` to access `code-server`. Congratulations! In a future release we plan to integrate Let's Encrypt directly with `code-server` to avoid the dependency on caddy. +#### NGINX + +If you prefer to use NGINX instead of Caddy then please follow steps 1-2 above and then: + +3. Install `nginx`: + +```bash +sudo apt update +sudo apt install -y nginx certbot python-certbot-nginx +``` + +4. Put the following config into `/etc/nginx/sites-available/code-server` with sudo: + +```nginx +server { + listen 80; + listen [::]:80; + server_name mydomain.com; + + location / { + proxy_pass http://localhost:8080/; + proxy_set_header Host $host; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection upgrade; + proxy_set_header Accept-Encoding gzip; + } +} +``` + +Remember to replace `mydomain.com` with your domain name! + +5. Enable the config: + +```bash +sudo ln -s ../sites-available/code-server /etc/nginx/sites-enabled/code-server +sudo certbot --non-interactive --redirect --agree-tos --nginx -d mydomain.com -m me@example.com +``` + +Make sure to substitute `me@example.com` with your actual email. + +Visit `https://` to access `code-server`. Congratulations! + ### Self Signed Certificate **note:** Self signed certificates do not work with iPad and will cause a blank page. You'll @@ -244,29 +289,6 @@ To avoid the warnings, you can use [mkcert](https://mkcert.dev) to create a self trusted by your OS and then pass it into `code-server` via the `cert` and `cert-key` config fields. -### Nginx reverse proxy - -If you prefer to use Nginx instead of Caddy here is a sample config (put e.g. in -`/etc/nginx/sites-enabled/code-server`): - -```nginx -server { - listen 80 [::]:80; - server_name your-domain-name-here.com; - - location / { - proxy_pass http://127.0.0.1:8080/; - proxy_set_header Host $host; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection upgrade; - proxy_set_header Accept-Encoding gzip; - } -} -``` - -It's highly recommended to set up a LetsEncrypt certificate and HTTP->HTTPS redirect as well. -In order to do this run `certbot --nginx -d your-domain-name-here.com`. - ### Change the password? Edit the `password` field in the `code-server` config file at `~/.config/code-server/config.yaml`