NGINX proxy

For your pythd to communicate with our servers over an encrypted channel, it is recommended that you set up an NGINX proxy. This also allows for token authentication, meaning we do not need to manually maintain IP whitelists for your nodes. Sample NGINX configurations have been provided by the Pyth team:

# replace YOUR_NODE and YOUR_AUTH_TOKEN_HERE
# docker run -v /path/to/nginx-triton1.conf:/etc/nginx/nginx.conf:ro -p 7899:7899 -p 7900:7900 -d docker.io/nginx

worker_processes 1;

events {}

http {
  include /etc/nginx/mime.types;

  rewrite_log on;

  keepalive_requests 2147483647; # int32 max

  client_max_body_size 0;

  # Pythnet, listening on ports 7799:7800
  upstream pythnet_backend {
    server YOUR_PYTHNET_NODE.rpcpool.com:443;
    keepalive 4;
  }
  server {
    listen 7800;
    location / {
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "Upgrade";
      proxy_pass https://pythnet_backend/YOUR_PYTHNET_AUTH_TOKEN_HERE/;
      proxy_set_header Host YOUR_PYTHNET_NODE.rpcpool.com;
    }
  }
  server {
    listen 7799;
    location / {
      proxy_http_version 1.1;
      proxy_set_header Connection "";
      proxy_pass https://pythnet_backend/YOUR_PYTHNET_AUTH_TOKEN_HERE/;
      proxy_set_header Host YOUR_PYTHNET_NODE.rpcpool.com;
    }
  }

  # Solana Mainnet, listening on ports 7899:7900
  upstream mainnet_backend {
    server YOUR_MAINNET_NODE.rpcpool.com:443;
    keepalive 4;
  }
  server {
    listen 7900;
    location / {
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "Upgrade";
      proxy_pass https://mainnet_backend/YOUR_MAINNET_AUTH_TOKEN_HERE/;
      proxy_set_header Host YOUR_MAINNET_NODE.rpcpool.com;
    }
  }
  server {
    listen 7899;
    location / {
      proxy_http_version 1.1;
      proxy_set_header Connection "";
      proxy_pass https://mainnet_backend/YOUR_MAINNET_AUTH_TOKEN_HERE/;
      proxy_set_header Host YOUR_MAINNET_NODE.rpcpool.com;
    }
  }
}

PreviousNode identity protection NextTestnet, Devnet and Pythnet

Last updated 1 year ago

Was this helpful?

# replace YOUR_NODE and YOUR_AUTH_TOKEN_HERE # docker run -v /path/to/nginx-triton1.conf:/etc/nginx/nginx.conf:ro -p 7899:7899 -p 7900:7900 -d docker.io/nginx worker_processes 1; events {} http { include /etc/nginx/mime.types; rewrite_log on; keepalive_requests 2147483647; # int32 max client_max_body_size 0; # Pythnet, listening on ports 7799:7800 upstream pythnet_backend { server YOUR_PYTHNET_NODE.rpcpool.com:443; keepalive 4; } server { listen 7800; location / { proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; proxy_pass https://pythnet_backend/YOUR_PYTHNET_AUTH_TOKEN_HERE/; proxy_set_header Host YOUR_PYTHNET_NODE.rpcpool.com; } } server { listen 7799; location / { proxy_http_version 1.1; proxy_set_header Connection ""; proxy_pass https://pythnet_backend/YOUR_PYTHNET_AUTH_TOKEN_HERE/; proxy_set_header Host YOUR_PYTHNET_NODE.rpcpool.com; } } # Solana Mainnet, listening on ports 7899:7900 upstream mainnet_backend { server YOUR_MAINNET_NODE.rpcpool.com:443; keepalive 4; } server { listen 7900; location / { proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; proxy_pass https://mainnet_backend/YOUR_MAINNET_AUTH_TOKEN_HERE/; proxy_set_header Host YOUR_MAINNET_NODE.rpcpool.com; } } server { listen 7899; location / { proxy_http_version 1.1; proxy_set_header Connection ""; proxy_pass https://mainnet_backend/YOUR_MAINNET_AUTH_TOKEN_HERE/; proxy_set_header Host YOUR_MAINNET_NODE.rpcpool.com; } } }