Nginx configutaion for Lora-App-Server

ChirpStack Application Server
1

Hi
I have installed all 3 on a single instance as of now.
I followed this guide for installations: Debian-ubuntu

I am not able to configure nginx for Lora-App-Server.

Can someone guide me in nginx setup?

2

As you didn’t state what’s the problem you face with nginx, I’ll show you one of our setups in case you find it helpful. We use Let’s Encrypt for our certificates.

server {

        index index.html index.htm index.nginx-debian.html;
        server_name openaquila.com www.openaquila.com; # managed by Certbot

        location ~ ^/api/(gateways|devices)/(\w+)/(frames|events)$ {
                proxy_pass https://127.0.0.1:8080/api/$1/$2/$3;
                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "Upgrade";
                proxy_read_timeout 86400s;
                proxy_send_timeout 86400s;
        }

        location / {
                proxy_pass https://127.0.0.1:8080;
        }


    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/openaquila.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/openaquila.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

server {
    listen 443 ssl http2;
    server_name forum.openaquila.com;

    ssl_certificate /etc/letsencrypt/live/openaquila.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/openaquila.com/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    location / {
        proxy_pass http://forum.openaquila.com:8090/;
        proxy_set_header Host $http_host;
        proxy_http_version 1.1;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_redirect http://forum.openaquila.com:8090/ https://forum.openaquila.com;
    }
}

server {
    if ($host = forum.openaquila.com) {
        return 301 https://forum.openaquila.com$request_uri;
    } # managed by Certbot


    if ($host = www.openaquila.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = openaquila.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


        listen 80 ;
        listen [::]:80 ;
    server_name forum.openaquila.com openaquila.com www.openaquila.com;
    return 404; # managed by Certbot
}
3

Will this be suffice for wss via nginx for the application server?

4

It should work, it does for us at least.

5

Hi @iegomez,

how did you configured NGINX for MQTT of Mosquito and make it run :slight_smile: :+1:

6

In short, I didn’t: I connect to the broker from whichever client using the domain and the explicit port.

7

Hi @iegomez … good to know, thanx.

8

To be clear, you can do it and it’s pretty much the same as proxying any service from nginx as it’s just an http(s) or websocket connection. I didn’t do it because I have multiple loraserver, lora-app-server, brokers, etc., and I’m ok with having my client tools connecting to different brokers by port.

9

Thank you for clarification.