Nginx setup with reverse proxy for Obsidian Publish

I’m having some trouble with my reverse proxy setup to use a custom (sub)domain with Obsidian Publish. I have an Nginx server with an SSL cert. Before I made changes, I could visit https://sub.domain.com (for example) and access a basic landing page I’d placed there. I then modifed my /etc/nginx/sites-available/sub.domain.com file as instructed here, to add this:

        location / {
                proxy_pass https://publish.obsidian.md/;
        }

The Obsidian help docs match what I’ve dug up from Nginx docs and elsewhere. I’ve also set the custom URL in Obsidian Publish to sub.domain.com.

However, attempting to visit sub.domain.com returns an HTTP 502 Bad Gateway from Nginx. There’s nothing in the error logs that explains any this error.

Anyone have any ideas?

Oops, I do see errors in the log:

[error] 17623#17623: *2 SSL_do_handshake() failed (SSL: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:SSL alert number 40) while SSL handshaking to upstrea>

[error] 17623#17623: *2 connect() to [2606:4700:3032::ac43:8b7c]:443 failed (101: Network is unreachable) while connecting to upstream, client: <IPADDRESS>, server: SUB.DOMAI>

Have you set up an SSL certificate on your reverse proxy server? Your errors might be related to that.

I’d strongly recommend using Cloudflare as it will work immediately out-of-the-box and is free.

The Nginx server IS my reverse proxy server, and yes, SSL is already set up and running on it. That’s how I was able to access the https:// version of the site before I attempted to proxy to Obsidian Publish.

Unfortunately, Cloudflare isn’t an option because they don’t support just subdomains for non-Enterprise plans.

I did end up getting a bit further last night. I think that because I had multiple server blocks on the Nginx server, I needed to add proxy_ssl_server_name on; to the location to force the server_name to be sent. Anyway, going to https://sub.domain.com now redirects to https://publish.md – but not to my actual notes, for some reason, even though I’ve definitely got the right URL on Obsidian Publish and I’ve done a publish since then. :frowning:

Could this be a problem on the Obsidian side?

I’d recommend using Cloudflare as the DNS provider for your domain, then you’ll be able to use it for your Obsidian site on a subdomain too.

I’m aware of what’s recommended, thanks. It’s not the way I wanted to go.

I actually ended up figuring it out! Posting it here in case it helps someone else. I had to modify the location block further.

        location / {
                proxy_pass https://publish.obsidian.md/serve?url=sub.domain.com/:splat;
                proxy_ssl_server_name on;
        }

The URL in the proxy_pass is what’s written here, but for Netlify, not Nginx, which was why I didn’t initially try it. I’m not sure if the docs are incorrect or perhaps there was something about my setup that made a difference, but there you go!

Published the detailed steps I took on the new site for those who might want to do the same.

Sorry I’m late to help, but one thing you may want to change is the :splat which is a directive only recognized by Netlify.

I’ve updated the help docs on how to setup nginx here with a rewrite to keep the file path correctly. Let me know if that works better!

1 Like

Thanks for responding! And for pointing out the splat. Is the rewrite mandatory? It seems to be working (including keeping the file path) with just the proxy pass, but perhaps there’s something I’m not considering?

I guess not then! I’m not an expert in nginx configs I just google things and try until they work :joy:.

Let me know which config worked for you, and I can update the help docs with it!

1 Like

Oh good! We’re on the same page then, because I too rely on Google Fu! :wink:

This worked for me:

        location / {
                proxy_pass https://publish.obsidian.md/serve?url=sub.domain.com/;
                proxy_ssl_server_name on;
        }
3 Likes

Won’t this break Google Analytics?