Complete Recap

Complete Recap

1. Create folder /opt/apisix.
2. Create and fill /opt/apisix/apisix.yaml (with role: data_plane, consumers, upstreams, plugin_configs, routes, and #END).
3. Make restart_apisix.sh script that stops any old container and starts a new one, mounting /opt/apisix/apisix.yaml as both config.yaml and apisix.yaml.
4. Run ./restart_apisix.sh to start APISIX.
5. Test APISIX locally: curl -u foo:bar http://127.0.0.1:9080/demo/md/3.0/accounts.
6. Install Nginx (sudo apt install nginx).
7. Install Certbot (sudo apt install certbot python3-certbot-nginx).
8. Get SSL: sudo certbot --nginx -d abeta-proxy.finmars.com.
9. Edit Nginx site at /etc/nginx/sites-available/default to add:
   

   location / {
       proxy_pass http://127.0.0.1:9080;
       proxy_set_header Host $host;
       proxy_set_header X-Real-IP $remote_addr;
   }

10. Reload Nginx (sudo nginx -t then sudo systemctl reload nginx).
11. Open firewall ports 80, 443, 9080 (sudo ufw allow ...).
12. Test https://abeta-proxy.finmars.com/demo/md/3.0/accounts in a browser.
13. Auto-renew is handled by Certbot.
14. To update, edit /opt/apisix/apisix.yaml and run ./restart_apisix.sh.

That is the full, clear set of instructions. Now your APISIX runs behind Nginx with a Let’s Encrypt SSL certificate, and you can update the config anytime by editing the file and restarting with the script.