Skip to content

Running Ergo behind Nginx

Alexander Chepurnoy edited this page Sep 21, 2021 · 6 revisions

[By @joshp23 ]

The issue occurs when running Ergo Node Interface behind NGINX, essential for securing transmitted data such as "unlock wallet", or securing with OIDC to prevent a brute force attack. In this setup when "Set API Key" is sent, "Bad Api Key" is returned because the relevant header api_key has an underscore in it and is therefore dropped by NGINX.

To resolve this: In Ergo's application.conf file:

set scorex.restApi.bindAddress = 127.0.0.1"9053
note that 127.0.0.0/8 works here
set network.bindAddress = 0.0.0.0:9030
set network,declaredAddress = X.X.X,X
where X.X.X.X is the external, public IP

In NGINX's config for the Ergo Node Interface

server {
    listen 443 http2 ssl;
    listen [::]:443 http2 ssl;
    server_name ergo.example.com;

    ## Here is the bug fixing line
    underscores_in_headers on;

    ## SSL settings
    ssl_certificate /etc/letsencrypt/live/ergo.example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/ergo.example.com/privkey.pem;

    location / {
     proxy_pass http://127.0.0.3:9053/;
    }

    access_log /var/log/nginx/ergo.access.log combined;
    error_log /var/log/nginx/ergo.error.log;
}