Skip to content

03. Reverse Proxy Setup

Jump to bottom
Mygod edited this page Sep 27, 2025 · 5 revisions

Nginx

This is a basic setup to get ReactMap running with Nginx. It is highly recommended to enable SSL (HTTPS) for production systems for both security and the "locate me" feature. That topic is beyond the scope of this documentation and there are many ways to implement it.

Extra references

Linux Setup

  1. sudo apt-get update
  2. sudo apt-get install nginx
  3. sudo nano /etc/nginx/conf.d/default.conf
  4. Copy and paste the following into the file:
server {
    listen        80;
    listen        [::]:80;
    server_name   your_map_url.com;

    location / {
        proxy_pass              http://127.0.0.1:8080/;
        proxy_set_header        Host $host;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_request_buffering off;
        proxy_buffering         off;
        proxy_set_header        Connection keep-alive;
    }
}

Docker Setup

  1. Uncomment the nginx section in the docker-compose.example.yml file.
  2. Create your config file: touch server/src/configs/nginx.conf
  3. Copy and paste the following into the file:
server {
    listen        80;
    listen        [::]:80;
    server_name   your_map_url.com;

    location / {
        proxy_pass              http://reactmap:8080/;
        proxy_set_header        Host $host;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_request_buffering off;
        proxy_buffering         off;
        proxy_set_header        Connection keep-alive;
    }
}

Extra references

Apache Setup on Ubuntu 20.04

Credit to: M3G4THEKING

  1. sudo apt-get update
  2. sudo apt install apache2
  3. sudo ufw app list
  4. sudo ufw allow 'Apache'
  5. sudo ufw status
  6. sudo systemctl status apache2
  7. Visit http://your_server_ip to confirm Apache is running.
  8. sudo mkdir /var/www/your_domain
  9. sudo chown -R $USER:$USER /var/www/your_domain
  10. sudo chmod -R 755 /var/www/your_domain
  11. Create a virtual host file at /etc/apache2/sites-available/your_domain.conf (for example with sudo nano /etc/apache2/sites-available/your_domain.conf).
  12. Insert the following configuration:
<VirtualHost *:80>
    ServerAdmin webmaster@localhost
    ServerName your_domain
    ServerAlias www.your_domain
    DocumentRoot /var/www/your_domain

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
  1. sudo a2ensite your_domain.conf
  2. sudo a2dissite 000-default.conf
  3. sudo apache2ctl configtest
  4. sudo systemctl restart apache2
  5. Apache should now serve your domain at http://your_domain.

Apache Setup Reverse-Proxy with mod_proxy on Ubuntu 20.04

  1. sudo a2enmod proxy proxy_http proxy_balancer lbmethod_byrequests
  2. sudo systemctl restart apache2
  3. Edit /etc/apache2/sites-available/your_domain.conf and add a reverse-proxy block similar to the following:
<VirtualHost *:8080>
    ServerAdmin webmaster@your_domain
    ServerAlias your_domain
    DocumentRoot /var/www/your_domain/

    ProxyPreserveHost On
    ProxyPass / http://your_ip:8080/
    ProxyPassReverse / http://your_ip:8080/

    RewriteCond %{HTTP_HOST} !^reactmap\.your_domain\.net$ [NC]
    RewriteRule ^/$ http://%{HTTP_HOST}/ [L,R=301]

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
  1. sudo systemctl restart apache2
  2. Apache is now configured as a reverse proxy for ReactMap.

Setup CertBot

  • sudo apt install certbot python3-certbot-apache
  • sudo apache2ctl configtest
  • sudo systemctl reload apache2

Allowing HTTPS Through the Firewall

  1. sudo ufw status
  2. sudo ufw allow 'Apache Full'
  3. sudo ufw delete allow 'Apache'

Obtaining an SSL Certificate

  1. sudo certbot --apache
  2. Provide a valid email address when prompted and press ENTER.
  3. Read the Let's Encrypt terms of service, then press A followed by ENTER to agree.
  4. Choose whether to share your email with the Electronic Frontier Foundation (Y or N).
  5. Select the domains you want to secure (for example, 1 for your_domain, 2 for www.your_domain, or leave the prompt blank to select all listed domains).
  6. When asked about redirecting HTTP traffic to HTTPS, choose option 2 to force HTTPS (recommended) or option 1 to keep both available.
  7. After the prompts, Certbot installs your certificate and displays the certificate and key file paths.

A good way to validate the certificate is with these links:

  • https://www.ssllabs.com/ssltest/analyze.html?d=your_domain
  • https://www.ssllabs.com/ssltest/analyze.html?d=www.your_domain

Verifying Certbot Auto-Renewal

Let's Encrypt certificates are only valid for ninety days. The Certbot package installs a renewal script in /etc/cron.d, managed by the certbot.timer systemd service. The script runs twice a day and automatically renews certificates that are within thirty days of expiration.

To confirm the renewal service is active and functioning, run:

  • sudo systemctl status certbot.timer
  • sudo certbot renew --dry-run

Clone this wiki locally