NGINX Proxy for self-hosted Userify

Q. I'd like to use NGINX as a proxy server in front of Userify Enterprise. Are there any recommended settings?

Here is a sample NGINX Configuration to the following to terminate TLS at the NGINX server and send all requests for paths beginning with /api directly to the Userify server(s) started in the multi-core scripts.

upstream proxybackend {
    server 192.168.1.1       weight=5;
    server ip-192-168-21-21.us-east-1.ec2.amazonaws.com;
    server 10.10.10.12;
}

server {

      # recommended (adjust as needed)
      proxy_buffers 256 8k;

      # add other NGINX configuration as needed.

      root /opt/userify-server/web/;
      index index.html;

      location / {
            try_files $uri $uri/ 404;
      }
      location /api {
            proxy_redirect off;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            # optional for multi-core use above:
            proxy_pass http://proxybackend;
            proxy_pass http://127.0.0.1:8120;
      }
      location /installer.sh {
            root /opt/userify-server/web/shim/ ;
      }
      location /shim.py {
            root /opt/userify-server/web/shim/ ;
      }
}

See http://nginx.org/en/docs/http/ngx_http_upstream_module.html for more details. The above server section is intended to be within a larger http section. For example:

user nobody;
worker_processes 16;
pid /var/run/nginx.pid;
error_log /var/log/nginx/error.log info;

events {
    worker_connections 768;
    multi_accept on;
}

http {
    # .... see above
}

See also Autoscaling and Secure VPC architecture. (Note: HA Proxy may be a better option for this use case.)