From 5ebde405ea586e9543302541affc67adf7d9aa1d Mon Sep 17 00:00:00 2001 From: Yamila Moreno Date: Wed, 19 Feb 2025 15:06:26 +0100 Subject: [PATCH 1/2] :books: Document how to use a proxy - nginx --- docs/technical-guide/getting-started.md | 50 ++++++++++++++++++++++++- 1 file changed, 49 insertions(+), 1 deletion(-) diff --git a/docs/technical-guide/getting-started.md b/docs/technical-guide/getting-started.md index 70248a62e..6a4378e7a 100644 --- a/docs/technical-guide/getting-started.md +++ b/docs/technical-guide/getting-started.md @@ -280,6 +280,55 @@ Postgres database and another one for the assets uploaded by your users (images clips). There may be more volumes if you enable other features, as explained in the file itself. +### Configure the proxy + +Your host configuration needs to make a proxy to http://localhost:9001. + +#### Example with NGINX + +```bash +server { + listen 80; + server_name penpot.mycompany.com; + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl; + server_name penpot.mycompany.com; + + # This value should be in sync with the corresponding in the docker-compose.yml + # PENPOT_HTTP_SERVER_MAX_BODY_SIZE: 31457280 + client_max_body_size 31457280; + + # Logs: Configure your logs following the best practices inside your company + access_log /path/to/penpot.access.log; + error_log /path/to/penpot.error.log; + + # TLS: Configure your TLS following the best practices inside your company + ssl_certificate /path/to/fullchain; + ssl_certificate_key /path/to/privkey; + + # Websockets + location /ws/notifications { + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + proxy_pass http://localhost:9001/ws/notifications; + } + + # Proxy pass + location / { + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Scheme $scheme; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_redirect off; + proxy_pass http://localhost:9001/; + } +} +``` + ### Troubleshooting Knowing how to do Penpot troubleshooting can be very useful; on the one hand, it helps to create issues easier to resolve, since they include relevant information from the beginning which also makes them get solved faster; on the other hand, many times troubleshooting gives the necessary information to resolve a problem autonomously, without even creating an issue. @@ -350,7 +399,6 @@ you need. Therefore, your prerequisite will be to have a Kubernetes cluster on which we can install Helm. - ### What is Helm *Helm* is the package manager for Kubernetes. A *Chart* is a Helm package. It contains From 5bfab454f5a2f6e55817240d9a818492772763f7 Mon Sep 17 00:00:00 2001 From: Yamila Moreno Date: Wed, 19 Feb 2025 15:39:01 +0100 Subject: [PATCH 2/2] :books: Document how to use a proxy - caddy --- docs/technical-guide/getting-started.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/docs/technical-guide/getting-started.md b/docs/technical-guide/getting-started.md index 6a4378e7a..1b262cb3d 100644 --- a/docs/technical-guide/getting-started.md +++ b/docs/technical-guide/getting-started.md @@ -329,6 +329,18 @@ server { } ``` +#### Example with CADDY SERVER + +```bash +penpot.mycompany.com { + reverse_proxy :9001 + tls /path/to/fullchain.pem /path/to/privkey.pem + log { + output file /path/to/penpot.log + } +} +``` + ### Troubleshooting Knowing how to do Penpot troubleshooting can be very useful; on the one hand, it helps to create issues easier to resolve, since they include relevant information from the beginning which also makes them get solved faster; on the other hand, many times troubleshooting gives the necessary information to resolve a problem autonomously, without even creating an issue.