Nostr Web Client

unknown 1y ago

You could leave it the same.

Next you need a nginx reverse proxy to forward traffic to strfry

install nginx, certbot for ssl,

here is my nginx config for strfry

Logo

Issues

Pull Requests

Milestones

Explore

verita84

server

Private

Code

Issues

Pull Requests

Packages

Projects

Releases

Wiki

Activity

Settings

server

nginx

sites-enabled

nostr.conf

90 lines

2.5 KiB

Plaintext

Executable File

upstream strfry {

server 192.168.0.55:7777;

}

server {

if ($host = relay.poster.place) {

return 301 https://$host$request_uri;

} # managed by Certbot

server_name relay.poster.place;

root /var/lib/nginx/html;

listen 80; # managed by Certbot

}

server {

add_header Referrer-Policy "no-referrer" always;

add_header X-Content-Type-Options "nosniff" always;

add_header X-Download-Options "noopen" always;

add_header X-Frame-Options "SAMEORIGIN" always;

add_header X-Permitted-Cross-Domain-Policies "none" always;

add_header X-Robots-tAg "none" always;

add_header X-XSS-Protection "1; mode=block" always;

add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;

listen 0.0.0.0:443 ssl;

server_name relay.poster.place;

ssl_certificate_key /etc/letsencrypt/live/relay.poster.place-0002/privkey.pem; # managed by Certbot

ssl_certificate /etc/letsencrypt/live/relay.poster.place-0002/fullchain.pem; # managed by Certbot

ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;

ssl_ciphers HIGH;

#root /var/www/nextcloud;

proxy_buffering on;

client_max_body_size 100G;

fastcgi_buffers 64 4k;

gzip on;

gzip_comp_level 9;

gzip_min_length 256;

gzip_types

text/css

text/plain

text/javascript

application/javascript

application/json

application/x-javascript

application/xml

application/xml+rss

application/xhtml+xml

application/x-font-ttf

application/x-font-opentype

application/vnd.ms-fontobject

image/svg+xml

image/x-icon

application/rss+xml

application/atom_xml;

location = /robots.txt {

allow all;

log_not_found off;

}

location / {

add_header Referrer-Policy "no-referrer" always;

add_header X-Content-Type-Options "nosniff" always;

add_header X-Download-Options "noopen" always;

add_header X-Frame-Options "SAMEORIGIN" always;

add_header X-Permitted-Cross-Domain-Policies "none" always;

add_header X-Robots-Tag "none" always;

add_header X-XSS-Protection "1; mode=block" always;

add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;

client_max_body_size 100G;

client_body_buffer_size 100000m;

proxy_pass http://strfry;

proxy_set_header Upgrade $http_upgrade;

proxy_set_header Connection "upgrade";

proxy_set_header Host $http_host;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

}

Reply to this note

Please Login to reply.

Discussion

S!ayer 1y ago

what is the commands to install the nginx and the certssl? Is there anything else that needs to be installed?

unknown 1y ago

https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-debian-11

S!ayer 1y ago

also, I'm assuming there will be a conf file that I can nano once I have installed the nginx dependancies right? I'm kinda barrelling through this and hacking, as I usually do, something that is workable... lol so please bear with me

unknown 1y ago

I sent you my config file on pastebin