From 4260fd5734fea3899d72f2547fd88bd6944830df Mon Sep 17 00:00:00 2001
From: prathamesh0 <prathamesh.musale0@gmail.com>
Date: Tue, 25 Apr 2023 18:18:06 +0530
Subject: [PATCH] Add sample nginx config for hosting the app

---
 .../watcher-p2p-network/watcher.md            |  3 +-
 .../watcher-p2p-network/web-app.md            | 35 +++++++++++++++++++
 2 files changed, 37 insertions(+), 1 deletion(-)

diff --git a/app/data/stacks/mobymask-v2/watcher-p2p-network/watcher.md b/app/data/stacks/mobymask-v2/watcher-p2p-network/watcher.md
index edfe6308..bdd31339 100644
--- a/app/data/stacks/mobymask-v2/watcher-p2p-network/watcher.md
+++ b/app/data/stacks/mobymask-v2/watcher-p2p-network/watcher.md
@@ -221,7 +221,8 @@ Connect a browser peer to the watcher's relay node:
 * Click on `UPDATE` to refresh the page and connect to the watcher's relay node; you should see the relay node's multiaddr in `Self Node Info` on the debug panel
 * Switch to the `GRAPH (PEERS)` tab to see peers connected to this browser node and the `GRAPH (NETWORK)` tab to see the whole MobyMask p2p network
 
-Perform transactions (invite required):
+Perform transactions:
+* An invitation is required to be able to perform transactions; ask an existing user of the app for an invite
 * In a browser, close the app if it's already open and then open the invite link
 * From the debug panel, confirm that the browser peer is connected to at least one other peer
 * Check the status for a phisher to be reported in the `Check Phisher Status` section on homepage
diff --git a/app/data/stacks/mobymask-v2/watcher-p2p-network/web-app.md b/app/data/stacks/mobymask-v2/watcher-p2p-network/web-app.md
index 3ff46f23..501a3fdf 100644
--- a/app/data/stacks/mobymask-v2/watcher-p2p-network/web-app.md
+++ b/app/data/stacks/mobymask-v2/watcher-p2p-network/web-app.md
@@ -97,6 +97,41 @@ To monitor the running container:
 Note: For opening an invite link on this deployed app, replace the URL part before `/#` with `http://localhost:3004`
 For example: `http://localhost:3004/#/members?invitation=XYZ`
 
+In order to host the app using a public domain, configure your website with SSL and the `https` traffic forwarded to port `3004`.
+
+For example, a Nginx configuration for domain `my-mobymask-app.example.com` would look something like:
+
+  ```bash
+  server {
+    server_name my-mobymask-app.example.com;
+
+    location / {
+      proxy_pass http://localhost:3004;
+      proxy_set_header Host $host;
+      proxy_set_header X-Real-IP $remote_addr;
+      proxy_set_header X-Forwarded-Proto $scheme;
+      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    }
+
+    listen [::]:443 ssl;
+    listen 443 ssl;
+    ssl_certificate /etc/letsencrypt/live/my-mobymask-app.example.com/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/my-mobymask-app.example.com/privkey.pem;
+    include /etc/letsencrypt/options-ssl-nginx.conf;
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
+  }
+
+  server {
+    if ($host = my-mobymask-app.example.com) {
+      return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+    server_name my-mobymask-app.example.com;
+    listen 80;
+    return 404; # managed by Certbot
+  }
+  ```
+
 ## Clean up
 
 Stop all services running in the background: