search

netreconlab / parse-hipaa

HIPAA & GDPR compliant ready parse-server with postgres/mongo, parse-hipaa-dashboard. Compatible with ParseCareKit
MIT License
99 stars 43 forks source link

Help !! Configuring with NGNX #99

Closed Shiba-Kar closed 8 months ago

Shiba-Kar commented 8 months ago 
{
  "apps": [
    {
      "serverURL": "https://xxxxxxxxxxxxx/parse", <------------------------------- ADDED THIS 
      "graphQLServerURL": "http://localhost:1337/graphql",
      "appId": "E036A0C5-6829-4B40-9B3B-3E05F6DF32B2",
      "masterKey": "E2466756-93CF-4C05-BA44-FF5D9C34E99F",
      "readOnlyMasterKey": "367F7395-2E3A-46B1-ABA3-963A25D533C3",
      "appName": "Parse HIPAA",
      "supportedPushLocales": [
        "en"
      ]
    }
  ],
  "iconsFolder": "icons",
  "users": [
    {
      "user": "parse",
      "pass": "$2a$12$mw0Bulf8PzAw8u.Zb.l0dueKGSV7z8q9bw8857av2e3yTTlC4hRca"
    },
    {
      "user": "parseRead",
      "pass": "$2a$12$mw0Bulf8PzAw8u.Zb.l0dueKGSV7z8q9bw8857av2e3yTTlC4hRca",
      "readOnly": true
    }
  ],
  "useEncryptedPasswords": true
}

Not done any changes in docker-compose.mongo.yml file 

docker compose -f docker-compose.mongo.yml up -d

NGNX CONFIGURATION .... 

server {
    server_name xxxxxxxxxxxxxxxxx;  <------------------------------- ADDED THIS 

    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
    ssl_session_cache shared:SSL:50m;
    ssl_protocols SSLv2 SSLv3 TLSv1.2 TLSv1.3; #TLSv1.1, TLSv1;

    location /parse/ {
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-NginX-Proxy true;
        proxy_pass http://localhost:1337/parse;
        proxy_ssl_session_reuse off;
        proxy_set_header Host $http_host;
        proxy_redirect off;
    }

    location /dashboard/ {
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-NginX-Proxy true;
        proxy_pass http://localhost:4040/dashboard/;
        proxy_ssl_session_reuse off;
        proxy_set_header Host $http_host;
        proxy_redirect off;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/xxxxxxxx/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/xxxxxxxxxxx/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
    if ($host =xxxxxxxxxxx) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    server_name xxxxxxxxx;
    listen 80;
    return 404; # managed by Certbot

}

Screenshot 2024-03-24 at 11 57 03 AM

cbaker6 commented 8 months ago

Have you compared your setup to https://github.com/netreconlab/parse-hipaa?tab=readme-ov-file#deploying-on-a-real-system. If so, what’s different about your setup and for what reasons?