-1

I'm struggling at finding "best" (I know this is subjective, I'll explain in a minute) config for a nginx server.

My server is responsible of :

  • Reverse proxying from 3 apps
  • Delivering ssl certificates

and I'm looking for proxy config good practises for each case.

Here's the architecture

                              | Wordpress        | wp.myhost.com
                            - | articles app     |
                           /
                          /
                         /    | Complex          |
http://myhost --- nginx  ---- | node.js app      | myapp.herokuapp.com
                  server \    | hosted on heroku |
     ^                    \
 NS record                 \
  type A                    - | Simple node.js   |
                              | homepage hosted  | hp.herokuapp.com
                              | on heroku        |

I'd like to have :

  • myhost.com (aliased to www.myhost.com) / going to hp.herokuapp.com
  • myhost.com /articles going to wp.myhost.com
  • myhost.com /app going to myapp.herokuapp.com

Here's what I got working :

upstream herokuhp {
  server hp.herokuapp.com:443;
}

upstream herokuapp {
  server app.herokuapp.com:443;
}

upstream wordpress {
  server wp.myhost.com:443;
}

server {
  listen 80;
  server_name myhost.com;
  server_alias www.myhost.com;
  rewrite ^(.*) https://$host$1;
}

server {
  listen 443 ssl;
  ssl_certificate /etc/letsencrypt/live/www.myhost.com/fullchain.pem; # managed by Certbot
  ssl_certificate_key /etc/letsencrypt/live/www.myhost.com/privkey.pem; # managed by Certbot
  include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot

  server_name myhost.com;
  server_alias www.myhost.com;

  proxy_redirect off;
  proxy_set_header Host $host;
  proxy_set_header X-Forwarded-Proto $scheme;
  proxy_set_header X-Real-IP $remote_addr;
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

  location ~ /articles {
    proxy_pass https://wordpress;
  }

  location ~ / {
    proxy_pass https://herokuhp;
  }

  location ~ /app {
    proxy_pass https://herokuapp;
  }
}

I now would like to get advices and best practises to optimize this piece configuration (regarding performance, SEO frienship, app updates awareness), mostly around caching, and buffering :)

Cyril CHAPON
  • 109
  • 5

1 Answers1

1

From the point of view of nginx you can add a rule to manage the in-memory lifespan of static files alongside in-browser caching with something like this:

location ~* ^.+\.(ogg|ogv|svg|svgz|css|js|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
               expires max;
        }

but it's worth reading up on that or testing your sites with Google Sitespeed or similar and following the recommendations there. You can also enabled compression if it isn't - the settings are in nginx.conf but may need enabling for file types.

Nginx doesn't actually cache: static files are served from memory and the mechanism is quite flexible but you may have to look at your application delivery. There is a plugin for nginx in front of Wordpress that expires the cache and this can be useful. Buffering is about the response from the backend and while the default settings are good and flexible you may have to tweak a little if you are seeing timeouts at the front end, especially if your backend is outside of your local network, but don't do anything unless you have to. If you are using pretty URLs with Wordpress using .htaccess on your backend, you can stay with that. That's about as much as SEO means with regard to nginx in your setup.

Simon Greenwood
  • 1,343
  • 9
  • 12