Install and Configure NGINX Reverse Proxy on Ubuntu

Nginx is a free and open-source web server and It works quite well as a reverse proxy server by directing web traffic to specific servers. This blog will show you how to configure Nginx on a Ubuntu VM and we will use this to configure an Nginx Reverse proxy required for our vCD

Step 1: Download and Install Ubuntu OS

Once installed, launch an SSH session

Step 2: Update Ubuntu Software Repositories

To ensure we always get the latest patch and security updates possible. We do that by running a command

sudo apt-get update

Step 3: Install Nginx

sudo apt-get install nginx -y

Step 4: Enable Nginx Services

<span class="line"><span style="color: #F6F6F4"># To Manage Nginx deamon</span></span>
<span class="line"><span style="color: #F6F6F4"># systemctl start</span><span style="color: #F286C4">|</span><span style="color: #F6F6F4">stop</span><span style="color: #F286C4">|</span><span style="color: #F6F6F4">status nginx</span></span>
<span class="line"></span>
<span class="line"><span style="color: #F6F6F4"># To Stop and Disable Service</span></span>
<span class="line"><span style="color: #F6F6F4">systemctl enable </span><span style="color: #F286C4">|</span><span style="color: #F6F6F4">disable nginx</span></span>
<span class="line"></span>
<span class="line"><span style="color: #F6F6F4"># To Ensure service stays peristant during reboots</span></span>
<span class="line"><span style="color: #F6F6F4">chkconfig nginx on</span></span>
<span class="line"></span>
<span class="line"><span style="color: #F6F6F4"># To Show status </span><span style="color: #F286C4">of</span><span style="color: #F6F6F4"> httpd</span></span>
<span class="line"><span style="color: #F6F6F4">systemctl list</span><span style="color: #F286C4">-</span><span style="color: #F6F6F4">unit</span><span style="color: #F286C4">-</span><span style="color: #F6F6F4">files </span><span style="color: #F286C4">|</span><span style="color: #F6F6F4"> grep nginx</span></span>
<span class="line"></span>
<span class="line"><span style="color: #F6F6F4">Optionally, services can be restarted </span><span style="color: #F286C4">as</span><span style="color: #F6F6F4"> </span></span>
<span class="line"><span style="color: #F286C4">/</span><span style="color: #F6F6F4">etc</span><span style="color: #F286C4">/</span><span style="color: #F6F6F4">init.d</span><span style="color: #F286C4">/</span><span style="color: #F6F6F4">nginx </span><span style="color: #F286C4">|</span><span style="color: #F6F6F4"> stop </span><span style="color: #F286C4">|</span><span style="color: #F6F6F4"> start</span></span>
<span class="line"></span>

				
					
				1
2
3
4
5
6
7
8
9
10
11
12
13
14
15

						<span class="line"><span style="color: #F6F6F4"># To Manage Nginx deamon</span></span>
<span class="line"><span style="color: #F6F6F4"># systemctl start</span><span style="color: #F286C4">|</span><span style="color: #F6F6F4">stop</span><span style="color: #F286C4">|</span><span style="color: #F6F6F4">status nginx</span></span>
<span class="line"></span>
<span class="line"><span style="color: #F6F6F4"># To Stop and Disable Service</span></span>
<span class="line"><span style="color: #F6F6F4">systemctl enable </span><span style="color: #F286C4">|</span><span style="color: #F6F6F4">disable nginx</span></span>
<span class="line"></span>
<span class="line"><span style="color: #F6F6F4"># To Ensure service stays peristant during reboots</span></span>
<span class="line"><span style="color: #F6F6F4">chkconfig nginx on</span></span>
<span class="line"></span>
<span class="line"><span style="color: #F6F6F4"># To Show status </span><span style="color: #F286C4">of</span><span style="color: #F6F6F4"> httpd</span></span>
<span class="line"><span style="color: #F6F6F4">systemctl list</span><span style="color: #F286C4">-</span><span style="color: #F6F6F4">unit</span><span style="color: #F286C4">-</span><span style="color: #F6F6F4">files </span><span style="color: #F286C4">|</span><span style="color: #F6F6F4"> grep nginx</span></span>
<span class="line"></span>
<span class="line"><span style="color: #F6F6F4">Optionally, services can be restarted </span><span style="color: #F286C4">as</span><span style="color: #F6F6F4"> </span></span>
<span class="line"><span style="color: #F286C4">/</span><span style="color: #F6F6F4">etc</span><span style="color: #F286C4">/</span><span style="color: #F6F6F4">init.d</span><span style="color: #F286C4">/</span><span style="color: #F6F6F4">nginx </span><span style="color: #F286C4">|</span><span style="color: #F6F6F4"> stop </span><span style="color: #F286C4">|</span><span style="color: #F6F6F4"> start</span></span>
<span class="line"></span>

					

			

Step 6: Generate Cert files

<span class="line"><span style="color: #F6F6F4">sudo openssl req </span><span style="color: #F286C4">-</span><span style="color: #F6F6F4">x509 </span><span style="color: #F286C4">-</span><span style="color: #F6F6F4">nodes </span><span style="color: #F286C4">-</span><span style="color: #F6F6F4">days </span><span style="color: #BF9EEE">365</span><span style="color: #F6F6F4"> </span><span style="color: #F286C4">-</span><span style="color: #F6F6F4">newkey rsa:</span><span style="color: #BF9EEE">2048</span><span style="color: #F6F6F4"> </span><span style="color: #F286C4">-</span><span style="color: #F6F6F4">keyout </span><span style="color: #F286C4">/</span><span style="color: #F6F6F4">etc</span><span style="color: #F286C4">/</span><span style="color: #F6F6F4">nginx</span><span style="color: #F286C4">/</span><span style="color: #F6F6F4">ssl</span><span style="color: #F286C4">/</span><span style="color: #F6F6F4"> vcloud..key </span><span style="color: #F286C4">-</span><span style="color: #F6F6F4">out </span><span style="color: #F286C4">/</span><span style="color: #F6F6F4">etc</span><span style="color: #F286C4">/</span><span style="color: #F6F6F4">nginx</span><span style="color: #F286C4">/</span><span style="color: #F6F6F4">ssl</span><span style="color: #F286C4">/</span><span style="color: #F6F6F4"> vcloud.crt </span></span>
<span class="line"></span>

				1
2

						<span class="line"><span style="color: #F6F6F4">sudo openssl req </span><span style="color: #F286C4">-</span><span style="color: #F6F6F4">x509 </span><span style="color: #F286C4">-</span><span style="color: #F6F6F4">nodes </span><span style="color: #F286C4">-</span><span style="color: #F6F6F4">days </span><span style="color: #BF9EEE">365</span><span style="color: #F6F6F4"> </span><span style="color: #F286C4">-</span><span style="color: #F6F6F4">newkey rsa:</span><span style="color: #BF9EEE">2048</span><span style="color: #F6F6F4"> </span><span style="color: #F286C4">-</span><span style="color: #F6F6F4">keyout </span><span style="color: #F286C4">/</span><span style="color: #F6F6F4">etc</span><span style="color: #F286C4">/</span><span style="color: #F6F6F4">nginx</span><span style="color: #F286C4">/</span><span style="color: #F6F6F4">ssl</span><span style="color: #F286C4">/</span><span style="color: #F6F6F4"> vcloud..key </span><span style="color: #F286C4">-</span><span style="color: #F6F6F4">out </span><span style="color: #F286C4">/</span><span style="color: #F6F6F4">etc</span><span style="color: #F286C4">/</span><span style="color: #F6F6F4">nginx</span><span style="color: #F286C4">/</span><span style="color: #F6F6F4">ssl</span><span style="color: #F286C4">/</span><span style="color: #F6F6F4"> vcloud.crt </span></span>
<span class="line"></span>

Step 5: Create New Configuration File

To create a new configuration file, enter:

vi /etc/nginx/conf.d/vcloud.conf

1	vi /etc/nginx/conf.d/vcloud.conf

<span class="line"><span style="color: #F6F6F4">server {</span></span>
<span class="line"><span style="color: #F6F6F4">listen </span><span style="color: #BF9EEE">443</span><span style="color: #F6F6F4">;</span></span>
<span class="line"><span style="color: #F6F6F4"># SSL Config</span></span>
<span class="line"><span style="color: #F6F6F4">ssl_certifcate </span><span style="color: #F286C4">/</span><span style="color: #F6F6F4">etc</span><span style="color: #F286C4">/</span><span style="color: #F6F6F4">nginx</span><span style="color: #F286C4">/</span><span style="color: #F6F6F4">ssl</span><span style="color: #F286C4">/</span><span style="color: #F6F6F4">vcloud.crt</span></span>
<span class="line"><span style="color: #F6F6F4">ssl_certificate_key </span><span style="color: #F286C4">/</span><span style="color: #F6F6F4">etc</span><span style="color: #F286C4">/</span><span style="color: #F6F6F4">ssl</span><span style="color: #F286C4">/</span><span style="color: #F6F6F4">vcloud.key</span></span>
<span class="line"><span style="color: #F6F6F4">location </span><span style="color: #F286C4">/</span><span style="color: #F6F6F4"> {</span></span>
<span class="line"><span style="color: #F6F6F4">proxy_pass http:</span><span style="color: #7B7F8B">//my_server; # vCD cell webconsole</span></span>
<span class="line"><span style="color: #F6F6F4">}</span></span>
<span class="line"><span style="color: #F6F6F4">}</span></span>
<span class="line"></span>
<span class="line"><span style="color: #F6F6F4">server {</span></span>
<span class="line"><span style="color: #F6F6F4">listen </span><span style="color: #BF9EEE">8443</span><span style="color: #F6F6F4">;</span></span>
<span class="line"><span style="color: #F6F6F4">location </span><span style="color: #F286C4">/</span><span style="color: #F6F6F4"> {</span></span>
<span class="line"><span style="color: #F6F6F4">proxy_pass http:</span><span style="color: #7B7F8B">//my_server:8443; # vCD cell console proxy</span></span>
<span class="line"></span>
<span class="line"><span style="color: #F6F6F4">}</span></span>
<span class="line"><span style="color: #F6F6F4">}</span></span>

				
					
				1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17

						<span class="line"><span style="color: #F6F6F4">server {</span></span>
<span class="line"><span style="color: #F6F6F4">listen </span><span style="color: #BF9EEE">443</span><span style="color: #F6F6F4">;</span></span>
<span class="line"><span style="color: #F6F6F4"># SSL Config</span></span>
<span class="line"><span style="color: #F6F6F4">ssl_certifcate </span><span style="color: #F286C4">/</span><span style="color: #F6F6F4">etc</span><span style="color: #F286C4">/</span><span style="color: #F6F6F4">nginx</span><span style="color: #F286C4">/</span><span style="color: #F6F6F4">ssl</span><span style="color: #F286C4">/</span><span style="color: #F6F6F4">vcloud.crt</span></span>
<span class="line"><span style="color: #F6F6F4">ssl_certificate_key </span><span style="color: #F286C4">/</span><span style="color: #F6F6F4">etc</span><span style="color: #F286C4">/</span><span style="color: #F6F6F4">ssl</span><span style="color: #F286C4">/</span><span style="color: #F6F6F4">vcloud.key</span></span>
<span class="line"><span style="color: #F6F6F4">location </span><span style="color: #F286C4">/</span><span style="color: #F6F6F4"> {</span></span>
<span class="line"><span style="color: #F6F6F4">proxy_pass http:</span><span style="color: #7B7F8B">//my_server; # vCD cell webconsole</span></span>
<span class="line"><span style="color: #F6F6F4">}</span></span>
<span class="line"><span style="color: #F6F6F4">}</span></span>
<span class="line"></span>
<span class="line"><span style="color: #F6F6F4">server {</span></span>
<span class="line"><span style="color: #F6F6F4">listen </span><span style="color: #BF9EEE">8443</span><span style="color: #F6F6F4">;</span></span>
<span class="line"><span style="color: #F6F6F4">location </span><span style="color: #F286C4">/</span><span style="color: #F6F6F4"> {</span></span>
<span class="line"><span style="color: #F6F6F4">proxy_pass http:</span><span style="color: #7B7F8B">//my_server:8443; # vCD cell console proxy</span></span>
<span class="line"></span>
<span class="line"><span style="color: #F6F6F4">}</span></span>
<span class="line"><span style="color: #F6F6F4">}</span></span>

					

			

This is a very basic Nginx reverse proxy example. Nginx is set to listen for all traffic on port 80 for all traffic.

The proxy_pass command directs all traffic on port 80 to http://my_server. Just change http://my_server to the location of your choice, and Nginx will intercept client requests and route them to the location you specify

To activate the new Nginx file, enter:

ln -s /etc/nginx/sites-available/custom_server.conf /etc/nginx/sites-enabled/custom_server.conf

1	ln -s /etc/nginx/sites-available/custom_server.conf /etc/nginx/sites-enabled/custom_server.conf

Step 7: Test and Restart Nginx

To test Nginx:

<span class="line"><span style="color: #F6F6F4">nginx </span><span style="color: #F286C4">-</span><span style="color: #F6F6F4">t</span></span>

				1

						<span class="line"><span style="color: #F6F6F4">nginx </span><span style="color: #F286C4">-</span><span style="color: #F6F6F4">t</span></span>

To restart Nginx:

<span class="line"><span style="color: #F6F6F4">systemctl nginx restart</span></span>

				1

						<span class="line"><span style="color: #F6F6F4">systemctl nginx restart</span></span>