Add "Butterfly with nginx reverse proxy and https"

2026-06-06 04:19:42 +00:00 · 2015-07-15 17:49:13 +08:00
commit 597a7baf13
1 changed files with 181 additions and 0 deletions
--- a/Butterfly-with-nginx-reverse-proxy-and-https.md
+++ b/Butterfly-with-nginx-reverse-proxy-and-https.md
@@ -0,0 +1,181 @@
+This wiki shows how to setup Butterfly with nginx reverse proxy and https on ubuntu 14.04. The url will be `https://example.com/butterfly`, and it's protected by `basic http auth`.
+
+`nginx` need [ngx_http_substitutions_filter_module](https://github.com/yaoweibin/ngx_http_substitutions_filter_module) module support.
+
+### 1\. Install butterfly and remove exist nginx 
+
+```
+pip install butterfly
+apt-get purge nginx nginx-full
+apt-get install nginx-common
+```
+
+### 2\. Get nginx source code
+
+```
+# Create temporary work area
+cd
+mkdir nginx
+cd nginx
+
+# Download and extract nginx
+wget http://nginx.org/download/nginx-1.9.2.tar.gz
+tar xf nginx-1.9.2.tar.gz
+
+# Download and extract OpenSSL
+wget https://www.openssl.org/source/openssl-1.0.2d.tar.gz
+tar xf openssl-1.0.2d.tar.gz
+
+# Download and extract PCRE (Perl compatible regular expressions)
+wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.37.tar.gz
+tar xf pcre-8.37.tar.gz
+
+# Download and extract gzip
+wget http://zlib.net/zlib-1.2.8.tar.gz
+tar xf zlib-1.2.8.tar.gz
+
+# Delete downloads
+rm *.tar.gz
+
+# Download ngx_http_substitutions_filter_module
+git clone https://github.com/yaoweibin/ngx_http_substitutions_filter_module
+```
+
+### 3\. Build and install nginx
+
+```
+cd nginx-1.9.2
+	
+./configure \
+--sbin-path=/usr/sbin/nginx \
+--prefix=/etc/nginx \
+--conf-path=/etc/nginx/nginx.conf \
+--error-log-path=/var/log/nginx/error.log \
+--http-log-path=/var/log/nginx/access.log \
+--http-client-body-temp-path=/var/lib/nginx/body \
+--http-fastcgi-temp-path=/var/lib/nginx/fastcgi \
+--http-proxy-temp-path=/var/lib/nginx/proxy \
+--http-scgi-temp-path=/var/lib/nginx/scgi \
+--http-uwsgi-temp-path=/var/lib/nginx/uwsgi \
+--lock-path=/var/lock/nginx.lock \
+--pid-path=/var/run/nginx.pid \
+--with-pcre=../pcre-8.37 \
+--with-pcre-jit \
+--with-zlib=../zlib-1.2.8 \
+--with-http_ssl_module \
+--with-openssl=../openssl-1.0.2d \
+--add-module=../ngx_http_substitutions_filter_module
+
+make 
+make install
+```
+
+### 4\. Config nginx
+
+REPLACE example.com with your domain name.
+
+```
+server {
+    listen       80;
+    listen       443 ssl;
+    server_name  example.com;
+    ssl_certificate certs/example.com.chained.crt;
+    ssl_certificate_key certs/example.com.key;
+
+    ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
+    ssl_ciphers         HIGH:!aNULL:!MD5;
+
+    charset utf-8;
+
+    access_log  /var/log/nginx/$host.access.log;
+
+    client_max_body_size 20M;
+
+    root   /var/www/;
+    index  index.html index.htm index.php;
+
+    if ($ssl_protocol = "") {
+        return 301 https://$http_host$request_uri;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?q=$uri&$args;
+    }
+
+    #error_page  404              /404.html;
+
+    # redirect server error pages to the static page /50x.html
+    #
+    error_page   500 502 503 504  /50x.html;
+    location = /50x.html {
+        root   /usr/share/nginx/html;
+    }
+
+    location /butterfly {
+        auth_basic "Authentication required";
+        auth_basic_user_file /etc/nginx/.htpasswd;
+
+        rewrite ^/butterfly/?(.*) /$1 break;
+        proxy_pass        http://127.0.0.1:57575;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        proxy_set_header Host $host;
+
+        proxy_connect_timeout 7d;                                                                                                              
+        proxy_send_timeout 7d;                                                                                                                 
+        proxy_read_timeout 7d;
+
+        subs_filter_types text/html text/css text/xml application/javascript;
+        subs_filter /style.css '/butterfly/style.css';
+        subs_filter /static '/butterfly/static';
+        subs_filter /ws '/butterfly/ws';
+        subs_filter location.pathname '"/"';
+    }
+
+}
+```
+
+`subs_filter` will replace the response from `butterfly` to the correct ones. 
+`proxy_*_timeout` is set to a long time otherwise the web terminal will get closed after about 1 minute.
+`/etc/nginx/.htpasswd` is generate by `htpasswd`:
+```
+htpasswd -c /etc/nginx/.htpasswd YOUR_HTTP_AUTH_USER_NAME
+```
+
+`certs/example.com.chained.crt` and `certs/example.com.key` is your ssl key.
+
+Don't forget to restart the service
+
+```
+service nginx restart
+```
+
+### 5\. Use supervisor to control butterfly
+
+```
+apt-get install supervisor
+service supervisor start
+```
+
+Add a new config for supervisor `vi /etc/supervisor/conf.d/butterfly.conf`,
+
+```
+[program:butterfly]
+command=butterfly.server.py --unsecure --login=false --host=127.0.0.1
+autorestart=true
+user=YOUR_LOGIN_USER_NAME
+```
+
+Please modify `user` to your login username.
+
+Start `butterfly`
+
+```
+supervisorctl reload
+```
+
+### 6\. Using the web terminal
+
+Just visit `https://example.com/butterfly` and check if everything is OK.
+