Setup Nginx as a Reverse Proxy for Thingsboard running on different port/server

In this blog, we will Setup Nginx as a Reverse Proxy for Thingsboard IOT dashboard running on different port


Requirement:


Ubuntu Server
Thingsboard installed on Ubuntu server
Nginx installed on Ubuntu server


For installing please refer thingsboard documentation page

windows:

 https://thingsboard.io/docs/user-guide/install/windows/

Linux: 

https://thingsboard.io/docs/user-guide/install/linux/





Let us know in comment if you face any issue in installation we will help you.


NGINX installation:


sudo apt-get install nginx

sudo service nginx status
sudo service nginx start

Open your browser and you will see the default NGinx home page, nginx also runs on default port 80

In some case if you don't see default page up then check:

  • If using cloud machine then need to open "http port 80" on 0.0.0.0/0 or a specific ip
  • If still don't see UI then restart server, sometime it comes after restart.



Configure it to use as a proxy for thingsboard


cd /etc/nginx/conf.d

sudo vi proxytb.conf

Configure DNS for your EC2 instance where nginx server is running and put that domain name in tag “server_name”



upstream websocket{
server localhost:8080 fail_timeout=0;
}
server {
listen 80;
server_name domainname;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://websocket;
proxy_read_timeout 90;
proxy_http_version 1.1;
proxy_request_buffering off;
}
}




test the change is correct or not
sudo nginx -t


Restart or reload nginx
sudo nginx -s reload



Now browse url
http://domainname

this will redirect to thingsboard login page, you will see the nginx server pointing to thingsboard UI




TO enable SSL on the same you need to get the ssl certificate and some configuration we will use Certbot to obtain a free SSL certificate for Nginx on Ubuntu 18.04 and set up your certificate to renew automatically.




First, add the repository:

$ sudo add-apt-repository ppa:certbot/certbot



install package

sudo apt install python-certbot-nginx





obtain SSL certificates through plugins

$ sudo certbot --nginx -d domainname -d www.domainname 

It will ask some details and then finally will create ssl certificate and will store on default location



/etc/letsencrypt/live/example.com/fullchain.pem
/etc/letsencrypt/live/example.com/privkey.pem




Now certbot automatically will do all configuration to open your domain with https://domainname



if not the you can use below:



upstream websocket {

server localhost:8080 fail_timeout=0;

}

map $http_upgrade $connection_upgrade {

default upgrade;
'' close;
}
server {
server_name domainname;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_pass http://websocket;
proxy_read_timeout 90;
proxy_http_version 1.1;
proxy_request_buffering off;
}
listen 443 ssl; # managed by Certbot, plz change domainname with your actual
ssl_certificate /etc/letsencrypt/live/domainname/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domainname/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
ssl_session_cache shared:SSL:1m;
ssl_stapling on;
ssl_stapling_verify on;
}
server {
if ($host = domainname) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name domainname;
return 404; # managed by Certbot
}


After repeat Test & Reload command

sudo nginx -t

sudo nginx -s reload


Now open UI with https://domainname


Thanks
very soon I will put demo of things board on Website


Comments

  1. Unknown24 May 2020 at 04:49

    Silly Question :Is server-name the only thing we change? can i also change the local host to my actual IP address?

    Also, server {
    listen 80;
    server_name domainname;
    location / {
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_pass http://websocket;
    proxy_read_timeout 90;
    proxy_http_version 1.1;
    proxy_request_buffering off;
    }
    }

    is there nothing to change/substitute there?

    In my case, apache is running on server 80, so I listen Nginx to a different port hey?

    ReplyDelete
  2. Michal Fapšo5 October 2020 at 09:49

    Thanks for creating this tutorial. I've put together a docker-compose.yml for Thingsboard + HTTPS through Nginx reverse proxy with automatic Let's Encrypt certificates here: https://github.com/michalfapso/thingsboard_docker_https/

    ReplyDelete
  3. AnDoNoc22 November 2021 at 00:35

    Last telemetry is not shown
    https://github.com/thingsboard/thingsboard/issues/1235
    this post seems to make the trick

    ReplyDelete

Post a Comment

Popular posts from this blog

How to auto re-launch a YARN Application Master on a failure.

1)Use Case: The fundamental idea of Hadoop2 (Map-Reduce + Yarn) is to split up the two major functionalities of the JobTracker, resource management and job scheduling/monitoring, into separate daemons. The idea is to have a global ResourceManager ( RM ) and per-application ApplicationMaster ( AM ). An application is either a single job in the classical sense of Map-Reduce jobs or a DAG of jobs. The ResourceManager and per-node slave, the NodeManager ( NM ), form the data-computation framework. The ResourceManager is the ultimate authority that arbitrates resources among all the applications in the system. The per-application ApplicationMaster is, in effect, a framework specific library and is tasked with negotiating resources from the ResourceManager and working with the NodeManager(s) to execute and monitor the tasks. The ResourceManager has two main components: 1. Scheduler: is responsible for allocating resources to the various running applications. 2. Appl
Read more

Read JSON File in Cassandra

Image
INSERT/Load Json data File in Cassandra (3.0+) table Requirement: Create Cassandra table where we can load json data into it. Here some of the column name is separated by space(like 'a b'). Load JSON file into the table. Challenge:  Cassandra support only 'CSV file' load in Table(As per my understanding and searched till now) by using 'COPY' command but not 'JSON' file. Resolution: As per the Cassandra document page, Cassandra supports CSV record level insert and file level insert both operation but for JSON it only support Record level insert by following command: cqlsh> INSERT INTO keyspace1.table1 JSON '{   "id" : "12",    "DB" : "Cassandra",    "ops" : "Insert",   "Project" : "Hadoop" }'; So If we want to insert whole file in the table then we need to loop for each object in JSON file and need to call insert query every tim
Read more