As a software developer or system administrator, you might have to establish a reverse proxy to streamline your server architecture. You can accomplish this by centralizing access to web applications, enhancing security, and optimizing load balancing.
Nginx is a powerful and versatile web server that is often utilized for this purpose. In this article, we will guide you through the process of setting up a reverse proxy with Nginx on AlmaLinux 9, a robust and open-source enterprise-level Linux distribution.
Installing Nginx
To begin, ensure that your system packages are up-to-date. Run the following command:
sudo dnf update -y
Next, install Nginx:
sudo dnf install nginx -y
Once installed, start and enable the Nginx service to run on boot:
sudo systemctl start nginx
sudo systemctl enable nginx
Configuring Nginx as a Reverse Proxy
Your website’s Nginx configuration file should resemble this:
sudo nano /etc/nginx/conf.d/your_domain.conf
Substitute ‘your_domain.com’ for your domain name and ‘backend_server_ip’ for the IP address of your backend server in the following server block:
server {
listen 80;
server_name your_domain.com;
location / {
proxy_pass http://backend_server_ip;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
Save and exit the file.
Check the Nginx configuration for syntax errors:
sudo nginx -t
If your configuration testing is successful, reload Nginx to apply the modification.
sudo systemctl reload nginx
Securing Your Reverse Proxy with SSL/TLS
To secure your reverse proxy, you can utilize Let’s Encrypt to obtain a free SSL certificate, you need to install the Certbot client and the Nginx plugin:
sudo dnf install certbot python3-certbot-nginx -y
To obtain and install an SSL/TLS certificate, run Certbot:
sudo certbot --nginx -d your_domain.com
Follow the on-screen prompts to complete the process. Certbot will automatically update your Nginx configuration to use the acquired SSL/TLS certificate.
After following these steps, you have successfully set up Nginx as a reverse proxy on your AlmaLinux 9 server. Your applications are secured, and the server architecture is optimized for performance and reliability. Well, if managing your server infrastructure is becoming challenging or requires additional expertise in carrying out complex configurations, then it is possible to hire remote DevOps engineers to help you streamline the processes in your deployment and operations.