Nginx

1server {
2    root /var/www/html;
3    index index.html index.htm index.nginx-debian.html;
4    server_name sandbox.payment.{domain}.com sandbox.realtime.{domain}.com sandbox.shipping-gateway.{domain}.com payment.{domain}.com realtime.{domain}.com shipping-app.{domain}.com shipping-gateway.{domain}.com;
5    location / {
6            proxy_set_header Host $host;
7            proxy_set_header X-Real-IP $remote_addr;
8            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
9            #proxy_set_header Host $host:$server_port;
10            proxy_set_header X-NginX-Proxy true;
11            proxy_set_header Upgrade $http_upgrade; # WS
12            proxy_set_header Connection "upgrade"; # WS
13            proxy_buffering off; # SSE
14            proxy_cache off; # SSE
15            proxy_pass http://localhost:8080; #FRP
16    }
17    listen [::]:443 ssl ipv6only=on; # managed by Certbot
18    listen 443 ssl; # managed by Certbot
19    ssl_certificate /etc/letsencrypt/live/fewbox/fullchain.pem; # managed by Certbot
20    ssl_certificate_key /etc/letsencrypt/live/fewbox/privkey.pem; # managed by Certbot
21    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
22    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
23}
24server {
25    listen 80;
26    server_name sandbox.payment.{domain}.com sandbox.realtime.{domain}.com sandbox.shipping-gateway.{domain}.com payment.{domain}.com realtime.{domain}.com shipping-app.{domain}.com shipping-gateway.{domain}.com;
27    return 301 https://$server_name$request_uri;
28}
29server {
30    if ($host = sandbox.shipping-gateway.{domain}.com) {
31        return 301 https://$host$request_uri;
32    } # managed by Certbot
33    if ($host = shipping-gateway.{domain}.com) {
34        return 301 https://$host$request_uri;
35    } # managed by Certbot
36    if ($host = shipping-app.{domain}.com) {
37        return 301 https://$host$request_uri;
38    } # managed by Certbot
39    if ($host = sandbox.realtime.{domain}.com) {
40        return 301 https://$host$request_uri;
41    } # managed by Certbot
42    if ($host = realtime.{domain}.com) {
43        return 301 https://$host$request_uri;
44    } # managed by Certbot
45    if ($host = sandbox.payment.{domain}.com) {
46        return 301 https://$host$request_uri;
47    } # managed by Certbot
48    if ($host = payment.{domain}.com) {
49        return 301 https://$host$request_uri;
50    } # managed by Certbot
51        listen 80 default_server;
52        listen [::]:80 default_server;
53        server_name sandbox.payment.{domain}.com sandbox.realtime.{domain}.com sandbox.shipping-gateway.{domain}.com payment.{domain}.com realtime.{domain}.com shipping-app.{domain}.com shipping-gateway.{domain}.com;
54    return 404; # managed by Certbot
55}

1server {
2    listen       80;
3    server_name        api.fewbox.com;
4    #server_name       api.fewbox.lan;
5    location /llm_stream {
6        proxy_http_version 1.1;
7        proxy_set_header Connection ';
8        proxy_buffering off;
9        proxy_cache off;
10        gzip off;
11        #chunked_transfer_encoding off;
12        proxy_pass     http://192.168.1.114:3000/llm_stream;
13    }
14    location / {
15        proxy_pass     http://192.168.1.114:3000;
16    }
17}

1yum install epel-release
2yum install snapd
3systemctl enable --now snapd.socket
4sudo ln -s /var/lib/snapd/snap /snap
5snap install --classic certbot
6ln -s /snap/bin/certbot /usr/bin/certbot
7certbot --nginx
8# certbot renew --dry-run