Example Nginx config

Here is an example nginx.conf for Loadbalancing on Nginx:

user  www-data;
worker_processes  auto;#Relevant to handle as many connections as the server config could, is correlated  to number of cores in the CPU
                    #https://nginx.org/en/docs/ngx_core_module.html#worker_processes
error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;#Relevant to handle as many connections as the server config could
                              #clients = worker_processes * worker_connections
}                             #https://nginx.org/en/docs/ngx_core_module.html#worker_connections

http {

    large_client_header_buffers 4 128k; 
    server_names_hash_bucket_size 128;

map $request_uri $short_uri {
    "~^(.{0,50})" $1;
    default       $request_uri;
}


    map $remote_addr $anonymized_addr {
                ~(?P<ip>\d+\.\d+)\.\d+\.    $ip.0.0;
                ~(?P<ip>[^:]+:[^:]+):       $ip::;
                # IP addresses to not anonymize (such as your server)
                127.0.0.1                   $remote_addr;
                ::1                         $remote_addr;
                #w.x.y.z                    $remote_addr;
                #a::c:d::e:f                $remote_addr;
                default                     0.0.0.0;
    }
    
    log_format combined_log '$anonymized_addr - $remote_user [$time_local] '
                        '"$short_uri" $status $body_bytes_sent '
                        '"$http_referer" "$http_user_agent"';
                       
    access_log  /var/log/nginx/access.log  combined_log;

    limit_req_zone $binary_remote_addr zone=mylimit:1M rate=70r/s;
    limit_req zone=mylimit burst=9000 nodelay;
    #WSS compatibility config
    map $http_upgrade $connection_upgrade {
        default upgrade;
        '' close;
    }

    #Upstream group
    upstream rpc_stream {
        least_conn; #Redirect requests to the server with least number of active connections
        server  XXX.XXX.XXX.XXX:26657 max_fails=1000 fail_timeout=30s; 
	server  XXX.XXX.XXX.XXX:26657 max_fails=1000 fail_timeout=30s;
	server  XXX.XXX.XXX.XXX:26657 max_fails=1000 fail_timeout=30s;

    }

    upstream grpc_stream {
        least_conn; #Redirect requests to the server with least number of active connections
        server  XXX.XXX.XXX.XXX:9091 max_fails=1000 fail_timeout=30s; 
	server  XXX.XXX.XXX.XXX:9091 max_fails=1000 fail_timeout=30s;
        server  XXX.XXX.XXX.XXX:9091 max_fails=1000 fail_timeout=30s;

    }

    upstream lcd_stream {
        least_conn; #Redirect requests to the server with least number of active connections
        server  XXX.XXX.XXX.XXX:1317 max_fails=1000 fail_timeout=30s; 
	server  XXX.XXX.XXX.XXX:1317 max_fails=1000 fail_timeout=30s;
        server  XXX.XXX.XXX.XXX:1317 max_fails=1000 fail_timeout=30s;
    }

    
   server {
        listen 80;
        server_name rpc.YOUR_URL;

        location / {
            if ($request_method = 'OPTIONS') {
                return 204;
            }

            proxy_hide_header 'Access-Control-Allow-Origin';
            proxy_hide_header 'Access-Control-Allow-Credentials';
            proxy_hide_header 'Access-Control-Allow-Headers';
            proxy_hide_header 'Access-Control-Allow-Methods';
            
            add_header 'Access-Control-Allow-Origin' "$http_origin" always;
            add_header 'Access-Control-Allow-Credentials' 'true' always;
            add_header 'Access-Control-Allow-Headers' * always;
            add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
            
            proxy_pass       http://rpc_stream;
            
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_set_header Upgrade $http_upgrade; #WSS compatibility config
            proxy_set_header Connection $connection_upgrade; #WSS compatibility config
        }
    }


   server {
        listen 26657;
        server_name rpc.YOUR_URL;

        location / {
            if ($request_method = 'OPTIONS') {
                return 204;
            }

            proxy_hide_header 'Access-Control-Allow-Origin';
            proxy_hide_header 'Access-Control-Allow-Credentials';
            proxy_hide_header 'Access-Control-Allow-Headers';
            proxy_hide_header 'Access-Control-Allow-Methods';
            
            add_header 'Access-Control-Allow-Origin' "$http_origin" always;
            add_header 'Access-Control-Allow-Credentials' 'true' always;
            add_header 'Access-Control-Allow-Headers' * always;
            add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
            
            proxy_pass       http://rpc_stream;
            
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_set_header Upgrade $http_upgrade; #WSS compatibility config
            proxy_set_header Connection $connection_upgrade; #WSS compatibility config
        }
    }



    server {
        listen 80;
        server_name grpc.YOUR_URL;

        location / {
            if ($request_method = 'OPTIONS') {
                return 204;
            }

            proxy_hide_header 'Access-Control-Allow-Origin';
            proxy_hide_header 'Access-Control-Allow-Credentials';
            proxy_hide_header 'Access-Control-Allow-Headers';
            proxy_hide_header 'Access-Control-Allow-Methods';
            
            add_header 'Access-Control-Allow-Origin' "$http_origin" always;
            add_header 'Access-Control-Allow-Credentials' 'true' always;
            add_header 'Access-Control-Allow-Headers' * always;
            add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
            
            proxy_pass       http://grpc_stream;
            
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_set_header Upgrade $http_upgrade; #WSS compatibility config
            proxy_set_header Connection $connection_upgrade; #WSS compatibility config
        }
    }

    server {
        listen 9091;
        server_name grpc.YOUR_URL;

        location / {
            if ($request_method = 'OPTIONS') {
                return 204;
            }

            proxy_hide_header 'Access-Control-Allow-Origin';
            proxy_hide_header 'Access-Control-Allow-Credentials';
            proxy_hide_header 'Access-Control-Allow-Headers';
            proxy_hide_header 'Access-Control-Allow-Methods';
            
            add_header 'Access-Control-Allow-Origin' "$http_origin" always;
            add_header 'Access-Control-Allow-Credentials' 'true' always;
            add_header 'Access-Control-Allow-Headers' * always;
            add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
            
            proxy_pass       http://grpc_stream;
            
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_set_header Upgrade $http_upgrade; #WSS compatibility config
            proxy_set_header Connection $connection_upgrade; #WSS compatibility config
        }
    }

server {
        listen 1317;
        server_name lcd.YOUR_URL;
        location / {
            if ($request_method = 'OPTIONS') {
                return 204;
            }


	    proxy_hide_header 'Access-Control-Allow-Origin';
	    proxy_hide_header 'Access-Control-Allow-Credentials';
	    proxy_hide_header 'Access-Control-Allow-Headers';
	    proxy_hide_header 'Access-Control-Allow-Methods'; 

            add_header 'Access-Control-Allow-Origin' * always;
            add_header 'Access-Control-Allow-Credentials' 'true' always;
            add_header 'Access-Control-Allow-Headers' * always;
            add_header 'Access-Control-Allow-Methods' * always;

            proxy_pass       http://lcd_stream;
            
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_set_header Upgrade $http_upgrade; #WSS compatibility config
            proxy_set_header Connection $connection_upgrade; #WSS compatibility config
        }

   
}

    server {
        listen 80;
        server_name lcd.YOUR_URL;
        location / {

            if ($request_method = 'OPTIONS') {
                return 204;
            }

	    proxy_hide_header 'Access-Control-Allow-Origin';
            proxy_hide_header 'Access-Control-Allow-Credentials';
            proxy_hide_header 'Access-Control-Allow-Headers';
            proxy_hide_header 'Access-Control-Allow-Methods'; 

            add_header 'Access-Control-Allow-Origin' * always;
            add_header 'Access-Control-Allow-Credentials' 'true' always;
            add_header 'Access-Control-Allow-Headers' * always;
            add_header 'Access-Control-Allow-Methods' * always;

            proxy_pass       http://lcd_stream;
            
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_set_header Upgrade $http_upgrade; #WSS compatibility config
            proxy_set_header Connection $connection_upgrade; #WSS compatibility config
        }
    }


    server {
        listen 127.0.0.1:80;
        server_name 127.0.0.1;
        location /nginx_status {
            stub_status on;
            allow 127.0.0.1;
            deny all;
        }
    }

}

Last updated