-
Notifications
You must be signed in to change notification settings - Fork 37
Configuring a reverse proxy server
Do you want to run your own public Overview server? Overview listens on port 9000, and it doesn't handle SSL. You should use a reverse proxy or load balancer to terminate SSL for Overview.
Configure your load balancer or reverse proxy the same way you would with any web server. Be sure:
- Overview should receive
X-Forwarded-For, so it logs the correct IP addresses. - Your load balancer or reverse proxy must not buffer requests. Overview supports multi-gigabyte file uploads, and it supports resuming of small uploads, and buffers break those features.
Here's how to configure some popular servers.
Overview uses haproxy on production. The default settings are just fine. You should ensure forwardfor is on so that we log clients' IP addresses correctly, but that isn't a critical feature. For instance:
global
...
defaults
...
option forwardfor
frontend overview_frontend
mode http
default_backend overview_backend
...
backend overview_backend
mode http
server overview 127.0.0.1:9000
...
Nginx does things by default that can't be good: it serves static files and buffers requests. We don't recommend it for Overview.
To handle large file uploads, you must disable proxy_buffering. Otherwise, when the user uploads a 100MB file, nginx will deny the request and the client will retry the upload forever.
For instance:
location / {
proxy_pass http://localhost:9000;
# ensure nginx doesn't break uploads
proxy_buffering off;
# ensure Overview logs correct IP addresses
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}