We will see how to setup Nginx as a proxy to other web server. I used this configuration while transiting from lighttpd to Nginx. After installing Nginx I setup it to redirect all the web traffic to the lighttpd serrver. The aimed is to switch gradually from Nginx to lighttpd the different services served by lighttpd we as little interruption as possible.

Setup of the proxy for web traffic

An example of configuration file to transfer all request on port 80 to an other web server listening on port 8080.

 1 server {
 2     listen 80;
 3     listen [::]:80;
 4     location / {
 5         proxy_set_header X-Real-IP  $remote_addr;
 6         proxy_set_header X-Forwarded-For $remote_addr;
 7         proxy_set_header Host $host;
 8         proxy_pass
10     }
11 }

The proxy_set_header Host allow to tranfer address at which the proxy had been reach. Therefore, if the server listening on port 8080 as virtualhost they will work.

Setup of the proxy for encrypted web traffic

This is an enhancement of the previous one that redirect the traffic of port 443 to a https server listening on port 8081. In our case the TLS encrypted connection is setup on the proxy and the web server with letsencrypt and use the same certificates.

 1 server {
 2     listen 443;
 3     listen [::]:443;
 4     ssl on;
 5     ssl_protocols TLSv1.2;
 6     ssl_certificate /etc/letsencrypt/live/mydomain.tld/fullchain.pem;
 7     ssl_certificate_key /etc/letsencrypt/live/mydomain.tld/privkey.pem;
 8     ssl_dhparam /etc/ssl/certs/dhparam.pem;
 9     ssl_ecdh_curve secp384r1;
10     ssl_prefer_server_ciphers on;
12     location / {
13         proxy_set_header X-Real-IP $remote_addr;
14         proxy_set_header X-Forwarded-For $remote_addr;
15         proxy_set_header Host $host;
16         proxy_set_header X-Forwarded-Proto $scheme;
17         add_header Front-End-Https on;
18         proxy_pass;
19         proxy_redirect off;
20     }
21 }