From dfcf157b597f962923f7db627fca942561ec08af Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A9=20Lametti?= Date: Wed, 4 Mar 2026 08:57:14 -0500 Subject: [PATCH] Declare tuwunel upstream in single block This is essentially a variable so it is more clear to use an `upstream` declaration in case the IP or port changes. --- docs/deploying/reverse-proxy-nginx.md | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/docs/deploying/reverse-proxy-nginx.md b/docs/deploying/reverse-proxy-nginx.md index 53008e2b..83be9958 100644 --- a/docs/deploying/reverse-proxy-nginx.md +++ b/docs/deploying/reverse-proxy-nginx.md @@ -24,6 +24,10 @@ sudo pacman -S nginx Create a new configuration file at `/etc/nginx/sites-available/tuwunel` (or `/etc/nginx/conf.d/tuwunel.conf` on some distributions): ```nginx +upstream tuwunel { + 127.0.0.1:8008; # IP and port where tuwunel is listening +} + # Client-Server API over HTTPS (port 443) server { listen 443 ssl http2; @@ -34,9 +38,9 @@ server { # Increase this to match the max_request_size in your tuwunel.toml client_max_body_size 100M; - # Forward requests to Tuwunel (listening on 127.0.0.1:8008) + # Forward requests to Tuwunel location / { - proxy_pass http://127.0.0.1:8008; + proxy_pass http://tuwunel; # Preserve host and scheme - critical for proper Matrix operation proxy_set_header Host $host; @@ -62,7 +66,7 @@ server { # Forward to the same local port as client-server API location / { - proxy_pass http://127.0.0.1:8008; + proxy_pass http://tuwunel; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-Proto https; @@ -103,7 +107,7 @@ However, if you experience federation retries or dropped long-poll connections, ```nginx location / { - proxy_pass http://127.0.0.1:8008; + proxy_pass http://tuwunel; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-Proto https;