https://github.com/aknuds1/meteor-frontend-server

Nginx frontend server to Meteor.
https://github.com/aknuds1/meteor-frontend-server

Last synced: 8 months ago
JSON representation

Nginx frontend server to Meteor.

• Host: GitHub
• URL: https://github.com/aknuds1/meteor-frontend-server
• Owner: aknuds1
• Created: 2015-08-28T14:15:34.000Z (about 10 years ago)
• Default Branch: master
• Last Pushed: 2015-08-28T14:16:30.000Z (about 10 years ago)
• Last Synced: 2025-01-06T18:19:00.232Z (9 months ago)
• Language: Nginx
• Size: 113 KB
• Stars: 1
• Watchers: 3
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# Frontend Server for Meteor Up

This is the front end server used by Meteor Up in front of meteor apps. This is the latest version of nginx bundled as a docker image. It is configured to run with every app deployed with Meteor Up. But, this is not a Load Balancer.

## For SSL Support

We use this for SSL support for Mup.

Here's how to run this:

~~~shell

docker run \

  --volume=/opt//config/bundle.crt:/bundle.crt \

  --volume=/opt//config/private.key:/private.key \

  --link=:backend \

  --publish=443:443 \

  meteorhacks/mup-frontend-server /start.sh

~~~

As you've noticed, we need to add two volumes for the `bundle.crt` and `private.key`.

#### bundle.crt

This is a bundle containing all of your certificates including the provided CA certificates. To create this file you need to concatenate all certificates starting from your domain certificate to the top level CA certificates. Here's an example:

~~~shell

cat \

    bulletproofmeteor_com.crt \

    COMODORSADomainValidationSecureServerCA.crt \

    COMODORSAAddTrustCA.crt \

    AddTrustExternalCARoot.crt > bundle.crt

~~~

#### private.key

This is the private key you've used to generate the above certficate.

### Verify Configuration

You can verify the SSL configuration like this:

~~~shell

docker run \

  --volume=/opt//config/bundle.crt:/bundle.crt \

  --volume=/opt//config/private.key:/private.key \

  meteorhacks/mup-frontend-server /verify.sh

~~~

### Why Nginx?

There's the question why we've chosen nginx for the SSL termination. We could've used something like `stud` or `bud`.

We need to get the correct IP address of the real connection, which is required for certain apps such as Sikka. Normally SSL terminators like `stud` and `bud` do not support this or support it only partially.

## For Static File Caching

We've not implemented this yet!