DEV Community

loading...
Cover image for Learn How to Run Appwrite With Your Own Custom Proxy or Load Balancer
Appwrite

Learn How to Run Appwrite With Your Own Custom Proxy or Load Balancer

Damodar Lohani
・2 min read

Appwrite was designed to be flexible and customizable, and that was one of the main reasons we designed it using the Microservices architecture. Thanks to this design, it's very easy to adjust and deploy Appwrite on any existing architecture, especially container-based architectures.

When deploying Appwrite in your own architecture, you might already have your own load balancer or proxy server for handling routing between different services. If this is your case, you might not need to use the Appwrite built-in Traefik load balancer. This post will demonstrate how you can easily replace the Appwrite load balancer with an Nginx proxy. Although we use Nginx for this example, the same can be applied to any proxy or load balancer that your heart desires.

First, in the docker-compose.yml, comment out the traefik service. Now we will add nginx service to replace traefik and act as the entry point for Appwrite stack.

Below the traefik service, add the following.

nginx:
    image: nginx
    ports:
      - 80:80
      - 443:443
    volumes:
      - ./config:/etc/nginx
      - appwrite-certificates:/etc/ssl/private
    depends_on:
      - appwrite
    networks:
      - gateway
      - appwrite
Enter fullscreen mode Exit fullscreen mode

Here, we have added ./config volume. It contains the nginx config. Create config/nginx.conf file and add the following code.

events {
    worker_connections 1024;
}

http {
    server {
        listen 80;
        listen 443;

        # config for setting up and handling Appwrite SSL

        # ssl_certificate           /etc/ssl/private/YOUR_DOMAIN/cert.crt;
        # ssl_certificate_key       /etc/ssl/private/YOUR_DOMAIN/cert.key;
        # ssl on;
        # ssl_session_cache  builtin:1000  shared:SSL:10m;
        # ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
        # ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
        # ssl_prefer_server_ciphers on;

        server_name appwrite;

        location / {
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_set_header Host $host;
            proxy_set_header X-Forwarded-Host $host;
            proxy_set_header X-Forwarded-Port $server_port;
            proxy_pass http://appwrite;
        }
    }
}
Enter fullscreen mode Exit fullscreen mode

Unlike the default Traefik instance that comes with Appwrite, the Nginx container doesn't handle SSL certificates automatically. For having valid SSL connections, you'll need to configure your own certificates or integrate with tools like Letsencrypt.

References

Discussion (0)