NGINX [engine x] is one of the most popular light weight, free and open-source high-performance web server. NGINX can be used as a load balancer, reverse proxy, http cache or mail proxy. However most common use of NGINX is to be used as a reverse proxy to host web api’s and apparently NGINX is the easiest server to set up a reverse proxy.

Prerequisites – Basic Knowledge of Linux

Log in to REHL machine

If your REHL machine is a remote server, use PUTTY (assuming you are connecting to Linux server from a windows machine) to log in to the server.

Configure NGINX repo

Once logged in to Linux machine, first step is to configure NGINX Repo, to enable NGINX download

Run Command

sudo vi /etc/yum.repos.d/nginx.repo

This command will open the vi editor in Linux. Press “Insert” to begin writing to the editor

[nginx]

name=nginx repo

baseurl=http://nginx.org/packages/mainline/rhel/7/$basearch/

gpgcheck=0

enabled=1

Add the above configuration to the editor and save.

To save the vi editor, press “Esc” followed by “:w”. For quitting the vi editor with save, follow “:w” by “q” i.e. “:wq” (this translates to write and quit)

Install NGINX on REHL 7

Run following command to install NGINX

sudo yum install nginx

Once NGINX is installed, run following commands to enable and start NGINX

sudo systemctl enable nginx

sudo systemctl start nginx

sudo systemctl stop nginx

sudo systemctl restart nginx

Check status of NGINX service

sudo systemctl status nginx

NGINX service should be active(running). Test NGINX using curl command

curl -I http://localhost

curl http://localhost

Now the NGINX is successfully installed and setup on REHL

Configuring reverse proxy

Open NGINX configuration file in edit mode

sudo vi /etc/nginx/conf.d/default.conf

Add following configuration

location /customapiname {   proxy_pass http://127.0.0.1:5000/yourservice;       }

Update ssl certificate details

listen 443 ssl;

server_name domainname;

ssl_prefer_server_ciphers    on;

ssl_protocols       TLSv1.2;

ssl_ciphers           add your cipher

ssl_certificate      /etc/ssl/local/service.pem

ssl_certificate_key  /etc/ssl/private/service.key

Replace “customapiname” with name you want to access your web API with domain name. and replace “yourservice” with service name you need to expose. And replace domainname with the public domain name Save the configuration (“Esc” followed “:wq”). Your service will look like https:// domainname/customapiname to the outside world.