It is strongly recommended to use nginx to host frontend static resources and reverse proxy backend service. The configuration is as follows:

General Configuration

server {

  listen 8000;
  server_name localhost;

  set $node_ip 127.0.0.1;
  set $node_port 7002;

  root /path/to/project/dist;

  location /public {
    root /path/to/home/cabloy/project-name;
    internal;
  }

  location /api/ {
    proxy_http_version 1.1;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Host $server_name;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header Host $http_host;
    proxy_set_header X-NginX-Proxy true;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_pass http://$node_ip:$node_port$request_uri;
    proxy_redirect off;
    proxy_buffer_size 64k;
    proxy_buffers   4 32k;
    proxy_busy_buffers_size 64k;
  }

}
Name Description
root frontend static resources
location /public resource files generated during system operations, such as uploaded pictures, uploaded files, etc.
location /api/ backend service

About location /public

I want to emphasize location /public here:

1. Default Configuration

In the production environment, resource files generated by backend service (such as module a-file) will be automatically stored in the directory {HomeDir}/cabloy/{ProjectName}/public. We just need to set the root value of location /public to {HomeDir}/cabloy/{ProjectName} in the nginx configuration file

2. Override Configuration

The configuration of module a-Base can be overrided in the project configuration file

src/backend/config/config.prod.js

config.modules = {
  'a-base': {
    publicDir: '/path/to/public',
  },
};
  • publicDir: must be an absolute path, equivalent to overwriting the path in the production environment: {HomeDir}/cabloy/{ProjectName}/public

3. Why is internal specified for location /public?

Because CabloyJS uses nginx’s x-accel-redirect mechanism, and location /public is used for file redirect on the backend, which is not directly accessible by the frontend

For more information about x-accel-redirect, see: X-Accel

4. What effect does location /public specify internal?

For example, a picture is uploaded through the module a-file. The actual storage file name of the picture on the server is: {publicDir}/{instanceId}/file/image/2019-11-18/6fb2784415f949948355ef843d78459a-126_0.jpg, while the download link is: https://admin.cabloy.com/api/a/file/file/download/46c68dae591b41c3bd2181facc8d0af9.jpg. The frontend can download the picture directly through the download link, but it does not know the real location and real name of the picture stored in the server

Production Configuration

Generally, HTTPS protocol is used in production environment, so the corresponding configuration is as follows:

server {

  listen 80;
  server_name yourdomain.com;

  return 301 https://$server_name$request_uri;
}

server {

  listen 443 ssl;
  server_name yourdomain.com;

  set $node_ip 127.0.0.1;
  set $node_port 7003;

  root /path/to/project/dist;

  location /public {
    root /path/to/home/cabloy/project-name;
    internal;
  }

  location  /api/ {
    proxy_http_version 1.1;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Host $server_name;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header Host $http_host;
    proxy_set_header X-NginX-Proxy true;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_pass http://$node_ip:$node_port$request_uri;
    proxy_redirect off;
  }

  ssl_certificate  /etc/letsencrypt/live/yourdomain.com/fullchain.pem;
  ssl_certificate_key  /etc/letsencrypt/live/yourdomain.com/privkey.pem;
}

Developmemt Configuration

If we want to configure the development environment on the server, and then reverse proxy the frontend service and backend service to the frontend through nginx, the corresponding configuration is as follows:

server {

  listen 80;
  server_name yourdomain.com;

  return 301 https://$server_name$request_uri;


server {

  listen 443 ssl;
  server_name yourdomain.com;

  set $node_ip 127.0.0.1;
  set $node_ip2 127.0.0.1;

  set $node_port 7102;
  set $node_port2 9192;

  location  /api/ {
    proxy_http_version 1.1;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Host $server_name;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header Host $http_host;
    proxy_set_header X-NginX-Proxy true;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_pass http://$node_ip:$node_port$request_uri;
    proxy_redirect off;
  }

  location  /public/ {
    proxy_http_version 1.1;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Host $server_name;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header Host $http_host;
    proxy_set_header X-NginX-Proxy true;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_pass http://$node_ip:$node_port$request_uri;
    proxy_redirect off;
  }

  location  / {
    proxy_http_version 1.1;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Host $server_name;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header Host $http_host;
    proxy_set_header X-NginX-Proxy true;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_pass http://$node_ip2:$node_port2$request_uri;
    proxy_redirect off;
  }

  ssl_certificate  /etc/letsencrypt/live/yourdomain.com/fullchain.pem;
  ssl_certificate_key  /etc/letsencrypt/live/yourdomain.com/privkey.pem;
}