Nginx is a popular web server which you may consider using as a proxy server in front of Foundry Virtual Tabletop. There are a number of advantages to using a proxy server like Nginx like using a subdomain, using an external port that is different than your Foundry VTT port, stronger access controls, and faster serving of static files. This article provides a basic overview of using Nginx with Foundry Virtual Tabletop. There are many advanced options which are not covered here.
Please note that using a proxy server like Nginx, while advantageous for dedicated web hosts, is absolutely not required in order to use Foundry Virtual Tabletop.
Step 1 - Install Nginx
Start by installing Nginx for your Linux distribution. Some common examples are provided below, but consult the Nginx documentation for your Linux flavor.
This guide assumes a basic level of familiarity with the Linux operating system and how to interface with it. If you are brand new to Linux we recommend starting with a beginner's tutorial to the Linux command line before proceeding.
sudo apt-get update
sudo apt-get install nginx
sudo yum update -y
sudo yum install nginx
sudo yum update -y
sudo amazon-linux-extras install nginx1 -y
Step 2 - Configure Nginx
Nginx requires a configuration file which defines how the server functions. A functional starting point to begin testing Nginx is the following configuration which does not use SSL certificates (we can enable those later). For the purposes of this example we assume that Foundry Virtual Tabletop is running from /home/ec2-user/foundryvtt, but your application installation path may be different, you should adjust the configuration file accordingly.
Make sure to update the references to your.hostname.com in the configuration.
# This goes in a file within /etc/nginx/sites-available/. By convention,
# the filename would be either "your.domain.com" or "foundryvtt", but it
# really does not matter as long as it's unique and descriptive for you.
# Define Server
server {
# Enter your fully qualified domain name or leave blank
server_name your.hostname.com;
# Listen on port 80 without SSL certificates
listen 80;
# Sets the Max Upload size to 300 MB
client_max_body_size 300M;
# Proxy Requests to Foundry VTT
location / {
# Set proxy headers
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# These are important to support WebSockets
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
# Make sure to set your Foundry VTT port number
proxy_pass http://localhost:30000;
}
}
Once you have configured Nginx, there are some configurations for Foundry Virtual Tabletop in the Application Configuration article you will also want to apply. Set the following options in your Foundry VTT {userData}/Config/options.json file which will instruct Foundry that the server is running with a proxy server in front of it on port 80.
This is where you should update any port-forwarding or access control rules to allow connection to your server on the ports you are allowing through NGINX. For more information please see: Port Forwarding
Please be aware that if your Foundry VTT location is hosted at a subfolder location, such as mysite.com/foundryvtt, you will need to define a routePrefix as outlined in the Application Configuration article.
"hostname": "your.hostname.com",
"routePrefix": null,
"sslCert": null,
"sslKey": null,
"port": 30000,
"proxyPort": 80
Once you have configured your reverse proxy, you will want to restart the proxy instance as well as your Foundry VTT instance to ensure that the new settings are active.
Step 3 - Start, Stop, and Restart Nginx
You can use the service utility to easily manage your Nginx server.
# Enable new site
sudo ln -s /etc/nginx/sites-available/your.hostname.com /etc/nginx/sites-enabled/
# Test your configuration file, please note that on some OS versions this may be "sudo service nginx configtest" instead
sudo service nginx conftest
# Start Nginx
sudo service nginx start
# Stop Nginx
sudo service nginx stop
# Restart Nginx
sudo service nginx restart
Step 4 - Add SSL Certificates (Optional)
For more advanced usage you can add SSL Certificates for added security. Start by creating SSL Certificates, we recommend using Certbot, for which our SSL and HTTPS article can offer some assistance. Once your certificates are created, your Nginx configuration file will be updated to use port 443 and the SSL certificates you have created.
Make sure to update the references to your.hostname.com in the configuration.
# This goes in a file within /etc/nginx/sites-available/. By convention,
# the filename would be either "your.domain.com" or "foundryvtt", but it
# really does not matter as long as it's unique and descriptive for you.
# Define Server
server {
# Enter your fully qualified domain name or leave blank
server_name your.hostname.com;
# Listen on port 443 using SSL certificates
listen 443 ssl;
ssl_certificate "/etc/letsencrypt/live/your.hostname.com/fullchain.pem";
ssl_certificate_key "/etc/letsencrypt/live/your.hostname.com/privkey.pem";
# Sets the Max Upload size to 300 MB
client_max_body_size 300M;
# Proxy Requests to Foundry VTT
location / {
# Set proxy headers
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# These are important to support WebSockets
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
# Make sure to set your Foundry VTT port number
proxy_pass http://localhost:30000;
}
}
# Optional, but recommend. Redirects all HTTP requests to HTTPS for you
server {
if ($host = your.hostname.com) {
return 301 https://$host$request_uri;
}
listen 80;
listen [::]:80;
server_name your.hostname.com;
return 404;
}
Once you have edited the Nginx configuration to include your SSL certificates, be sure to do a configuration test before restarting your server. Lastly, there are some additional configuration options for Foundry Virtual Tabletop you will also want to apply. Set the following options in your Foundry VTT {userData}/Config/options.json file which will instruct Foundry that the server is running with a proxy server in front of it on port 443.
"hostname": "your.hostname.com",
"routePrefix": null,
"sslCert": null,
"sslKey": null,
"port": 30000,
"proxyPort": 443,
"proxySSL": true