Setting up a secure file hosting service with NGINX is a robust solution for handling file uploads. In this post, we’ll walk through an NGINX configuration that serves these purposes and ensures security using SSL certificates managed by Certbot. I previously used nextcloud and owncloud but switched to File Browser. By my opinion it is much easier to install and more lightweight, I host a lot of videos and gifs and it is much faster and simpler to use File Browser for this purpose.
NGINX Configuration
Below is a sample NGINX configuration file that serves files from a specified directory, handles large file uploads, and secures connections with SSL:
server {
server_name yourdomain.com;
client_max_body_size 600M; # Allow up to 600 MB files
location / {
proxy_pass http://10.8.0.2:8070;
}
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = yourdomain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
client_max_body_size 600M; # Allow up to 600 MB files
listen 80;
listen [::]:80;
server_name yourdomain.com;
return 404; # managed by Certbot
}
Key Points of the Configuration
File Upload Size Limit:
client_max_body_size 600M;
allows file uploads up to 600 MB.
SSL Configuration:
SSL is enabled and managed by Certbot, with paths to certificates and SSL parameters included for secure connections.
HTTP to HTTPS Redirection:
The second server block ensures that any HTTP requests are redirected to HTTPS for security.
Setting Up Certbot
Certbot is a tool that automates the process of obtaining and renewing Let’s Encrypt SSL certificates. Here’s a quick guide to configuring and using Certbot with NGINX:
- Install Certbot:
sudo apt update
sudo apt install certbot python3-certbot-nginx
- Obtain and Install the SSL Certificate:
sudo certbot --nginx -d yourdomain.com
- Automate Certificate Renewal:
Certbot automatically sets up a cron job for certificate renewal. You can test the renewal process with:
sudo certbot renew --dry-run
- Reload NGINX:
Certbot will automatically reload NGINX to apply the new certificates. If needed, you can manually reload NGINX with:
sudo systemctl reload nginx
By following this setup, you can ensure your file hosting service is both functional and secure. The configuration allows for large file uploads, directory listings, and secure HTTPS connections using free SSL certificates from Let’s Encrypt.