Setup Nginx as a Reverse Proxy for Thingsboard running on different port/server

In this blog, we will Setup Nginx as a Reverse Proxy for Thingsboard IOT dashboard running on different port

Requirement:

Ubuntu Server

Thingsboard installed on Ubuntu server

Nginx installed on Ubuntu server

For installing please refer thingsboard documentation page

windows:

 https://thingsboard.io/docs/user-guide/install/windows/

Linux: 

https://thingsboard.io/docs/user-guide/install/linux/

Let us know in comment if you face any issue in installation we will help you.

NGINX installation:

sudo apt-get install nginx

sudo service nginx status

sudo service nginx start

Open your browser and you will see the default NGinx home page, nginx also runs on default port 80

In some case if you don't see default page up then check:

• If using cloud machine then need to open "http port 80" on 0.0.0.0/0 or a specific ip
• If still don't see UI then restart server, sometime it comes after restart.

Configure it to use as a proxy for thingsboard

cd /etc/nginx/conf.d

sudo vi proxytb.conf

Configure DNS for your EC2 instance where nginx server is running and put that domain name in tag “server_name”

upstream websocket{
server localhost:8080 fail_timeout=0;
}
server {
listen 80;
server_name domainname;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://websocket;
proxy_read_timeout 90;
proxy_http_version 1.1;
proxy_request_buffering off;
}
}

test the change is correct or not

sudo nginx -t

Restart or reload nginx

sudo nginx -s reload

Now browse url

http://domainname

this will redirect to thingsboard login page, you will see the nginx server pointing to thingsboard UI

TO enable SSL on the same you need to get the ssl certificate and some configuration we will use Certbot to obtain a free SSL certificate for Nginx on Ubuntu 18.04 and set up your certificate to renew automatically.

First, add the repository:

$ sudo add-apt-repository ppa:certbot/certbot

install package

sudo apt install python-certbot-nginx

obtain SSL certificates through plugins

$ sudo certbot --nginx -d domainname -d www.domainname 

It will ask some details and then finally will create ssl certificate and will store on default location

/etc/letsencrypt/live/example.com/fullchain.pem

/etc/letsencrypt/live/example.com/privkey.pem

Now certbot automatically will do all configuration to open your domain with https://domainname

if not the you can use below:

upstream websocket {

server localhost:8080 fail_timeout=0;

}

map $http_upgrade $connection_upgrade {

default upgrade;
'' close;
}
server {
server_name domainname;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_pass http://websocket;
proxy_read_timeout 90;
proxy_http_version 1.1;
proxy_request_buffering off;
}
listen 443 ssl; # managed by Certbot, plz change domainname with your actual
ssl_certificate /etc/letsencrypt/live/domainname/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domainname/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
ssl_session_cache shared:SSL:1m;
ssl_stapling on;
ssl_stapling_verify on;
}
server {
if ($host = domainname) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name domainname;
return 404; # managed by Certbot
}

After repeat Test & Reload command

sudo nginx -t

sudo nginx -s reload

Now open UI with https://domainname

Thanks
very soon I will put demo of things board on Website