Using the Nomad server behind a load balancer / reverse proxy
You can use the Nomad server on Domino behind a reverse proxy.
Note: You must ensure that the web socket connections are upgraded
by the proxy and not left as-is to be upgraded by the Nomad server on
Domino.
The following is an NGINX sample
config:map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 443 ssl;
server_name nomad.example.com;
ssl_certificate /run/secrets/chain.pem;
ssl_certificate_key /run/secrets/server.key;
location / {
proxy_ssl_server_name on;
proxy_pass https://domino.example.com:8443;
proxy_set_header Host $host;
}
location /nrpc-wss {
proxy_ssl_server_name on;
proxy_pass https://domino.example.com:8443/nrpc-wss;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
}
Connect to reverse proxy through HTTP protocol
Nomad server on Domino can be configured to accept HTTP requests from a reverse proxy.
The following is an example of an NGINX server
config:
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 443 ssl;
server_name nomad.example.com;
ssl_certificate /run/secrets/chain.pem;
ssl_certificate_key /run/secrets/server.key;
location / {
proxy_pass http://domino.example.com:9080;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Host $host:$server_port;
}
location /nrpc-wss {
proxy_pass http://domino.example.com:9080/nrpc-wss;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Host $host;
proxy_http_version 1.1;
}
}
Note: The underlined values in the example should be
replaced with your specific information.
For Nomad server on Domino to operate behind a reverse proxy, you also need to set up "trustProxy" and "httpPort" in the nomad-config.yml file.
For more information, see Configuration options for the Nomad server on Domino.
Load balancing
Admins will need to configure the load balancer to enable sticky sessions so that requests that get routed for a particular user get routed to that endpoint consistently.