Formatting for reverse-proxy docs (#7514)

also a small clarification to nginx

Formatting for reverse-proxy docs (#7514)
24d9151a · Richard van der Hoff · GitHub · 572b444d · 24d9151a · 24d9151a
Unverified Commit 24d9151a authored 4 years ago by Richard van der Hoff Committed by GitHub 4 years ago
--- a/changelog.d/7514.doc
+++ b/changelog.d/7514.doc
+Improve the formatting of `reverse_proxy.md`.
--- a/docs/reverse_proxy.md
+++ b/docs/reverse_proxy.md
@@ -34,97 +34,107 @@ the reverse proxy and the homeserver.
 ### nginx
-        server {
+```
-            listen 443 ssl;
+server {
-            listen [::]:443 ssl;
+    listen 443 ssl;
-            server_name matrix.example.com;
+    listen [::]:443 ssl;
+    server_name matrix.example.com;
-            location /_matrix {
-                proxy_pass http://localhost:8008;
+    location /_matrix {
-                proxy_set_header X-Forwarded-For $remote_addr;
+        proxy_pass http://localhost:8008;
-                # Nginx by default only allows file uploads up to 1M in size
+        proxy_set_header X-Forwarded-For $remote_addr;
-                # Increase client_max_body_size to match max_upload_size defined in homeserver.yaml
+        # Nginx by default only allows file uploads up to 1M in size
-                client_max_body_size 10M;
+        # Increase client_max_body_size to match max_upload_size defined in homeserver.yaml
-            }
+        client_max_body_size 10M;
-        }
+    }
+}
-        server {
-            listen 8448 ssl default_server;
+server {
-            listen [::]:8448 ssl default_server;
+    listen 8448 ssl default_server;
-            server_name example.com;
+    listen [::]:8448 ssl default_server;
+    server_name example.com;
-            location / {
-                proxy_pass http://localhost:8008;
+    location / {
-                proxy_set_header X-Forwarded-For $remote_addr;
+        proxy_pass http://localhost:8008;
-            }
+        proxy_set_header X-Forwarded-For $remote_addr;
-        }
+    }
+}
-> **NOTE**: Do not add a `/` after the port in `proxy_pass`, otherwise nginx will
+```
+**NOTE**: Do not add a path after the port in `proxy_pass`, otherwise nginx will
 canonicalise/normalise the URI.
 ### Caddy 1
-        matrix.example.com {
+```
-          proxy /_matrix http://localhost:8008 {
+matrix.example.com {
-            transparent
+  proxy /_matrix http://localhost:8008 {
-          }
+    transparent
-        }
+  }
+}
-        example.com:8448 {
+example.com:8448 {
-          proxy / http://localhost:8008 {
+  proxy / http://localhost:8008 {
-            transparent
+    transparent
-          }
+  }
-        }
+}
+```
 ### Caddy 2
-        matrix.example.com {
+```
-          reverse_proxy /_matrix/* http://localhost:8008
+matrix.example.com {
-        }
+  reverse_proxy /_matrix/* http://localhost:8008
+}
-        example.com:8448 {
+example.com:8448 {
-          reverse_proxy http://localhost:8008
+  reverse_proxy http://localhost:8008
-        }
+}
+```
 ### Apache
-        <VirtualHost *:443>
+```
-            SSLEngine on
+<VirtualHost *:443>
-            ServerName matrix.example.com;
+    SSLEngine on
+    ServerName matrix.example.com;
-            AllowEncodedSlashes NoDecode
+    AllowEncodedSlashes NoDecode
-            ProxyPass /_matrix http://127.0.0.1:8008/_matrix nocanon
+    ProxyPass /_matrix http://127.0.0.1:8008/_matrix nocanon
-            ProxyPassReverse /_matrix http://127.0.0.1:8008/_matrix
+    ProxyPassReverse /_matrix http://127.0.0.1:8008/_matrix
-        </VirtualHost>
+</VirtualHost>
-        <VirtualHost *:8448>
+<VirtualHost *:8448>
-            SSLEngine on
+    SSLEngine on
-            ServerName example.com;
+    ServerName example.com;
-            AllowEncodedSlashes NoDecode
+    AllowEncodedSlashes NoDecode
-            ProxyPass /_matrix http://127.0.0.1:8008/_matrix nocanon
+    ProxyPass /_matrix http://127.0.0.1:8008/_matrix nocanon
-            ProxyPassReverse /_matrix http://127.0.0.1:8008/_matrix
+    ProxyPassReverse /_matrix http://127.0.0.1:8008/_matrix
-        </VirtualHost>
+</VirtualHost>
+```
-> **NOTE**: ensure the  `nocanon` options are included.
+**NOTE**: ensure the  `nocanon` options are included.
 ### HAProxy
-        frontend https
+```
-          bind :::443 v4v6 ssl crt /etc/ssl/haproxy/ strict-sni alpn h2,http/1.1
+frontend https
+  bind :::443 v4v6 ssl crt /etc/ssl/haproxy/ strict-sni alpn h2,http/1.1
-          # Matrix client traffic
+  # Matrix client traffic
-          acl matrix-host hdr(host) -i matrix.example.com
+  acl matrix-host hdr(host) -i matrix.example.com
-          acl matrix-path path_beg /_matrix
+  acl matrix-path path_beg /_matrix
-          use_backend matrix if matrix-host matrix-path
+  use_backend matrix if matrix-host matrix-path
-        frontend matrix-federation
+frontend matrix-federation
-          bind :::8448 v4v6 ssl crt /etc/ssl/haproxy/synapse.pem alpn h2,http/1.1
+  bind :::8448 v4v6 ssl crt /etc/ssl/haproxy/synapse.pem alpn h2,http/1.1
-          default_backend matrix
+  default_backend matrix
-        backend matrix
+backend matrix
-          server matrix 127.0.0.1:8008
+  server matrix 127.0.0.1:8008
+```
 ## Homeserver Configuration