Configure Nginx settings
Faspex 5 uses Nginx as a reverse proxy to route traffic to the appropriate container. You can customize Nginx configuration files and update your SSL certificate and key using the files at /opt/aspera/faspex/conf/nginx.
Nginx configuration files
To customize Nginx configuration, update the files in /opt/aspera/faspex/conf/nginx/custom.
To update your SSL certificate and key, or to replace the self-signed default certificate, replace cert.pem, dhparam.pem, and key.pem, found at /opt/aspera/faspex/conf/nginx.
faspexctl restart routerThe file nginx.conf.copy contains the settings currently running. This file updates each time you restart the router using the command above.
The files in the directory /opt/aspera/faspex/conf/nginx/custom/orig function as a backup of all the /opt/aspera/faspex/conf/nginx/custom files prior to restarting the router. You can use the contents of the /orig directory for reference and restoration as required.
faspexctl version to check the version of Nginx running in the faspex-router container.Modify the Nginx configuration (Faspex 5.0.14 and later)
You can modify the nginx_server_https.conf file to make small and simple adjustments to the HTTPS server block in nginx.conf. The file is located in the /opt/aspera/faspex/conf/nginx/custom directory.
You can only add single-line directives intended for:
- Extra security headers
- XSS protection headers
- Basic CORS configuration
location { ... }, if { ... }, or map { ... }. Example of adding a basic CORS configuration:
Control Allow-Origin header, incorrect headers can break third-party applications if they are not listed in the Access-Controll-Allow-Origin header. Do not modify the order of the following two headers. proxy_hide_header Access-Control-Allow-Origin;
add_header Access-Control-Allow-Origin "https://f5-app.com" "https://third-party-app";faspexctl restart router