AFFiNE Docs
Try Online
Try Online

Domain and HTTPS

When sharing your AFFiNE instance with others or publishing docs on the internet, you propably don't want to expose the IP of your device directly but a recognizable host instead. With SSL/TLS(known as HTTPS) to gain the basic security.

The most taken way to do these is Reverse Proxy. There are bunch of Reverse Proxy tools, nginx, caddy, Apache HTTP Server, etc.

nginx and caddy are both lightweight and easy-to-use ones, so we will demostrate they two.

Websocket

Websocket is the basement of AFFiNE sync and colleboration system. Make sure your proxy allows websocket traffic.

Terms

External url

The url of the prefix for all AFFiNE sharable links. It's required for enabling reverse proxy.

Reverse Proxy

Nginx

Nginx is a well known reverse proxy and almost the first candidate what to build web on top of.

Below is an example to demostrate how to config nginx to proxy AFFiNE request.

server {
  server_name <external_url>;

  # maximum allowed uploading size
  client_max_body_size 100m;

  # Set required headers
  proxy_set_header Host              $http_host;
  proxy_set_header X-Real-IP         $remote_addr;
  proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
  proxy_set_header X-Forwarded-Proto $scheme;

  # Websocket config for Sync system
  proxy_set_header Upgrade           $http_upgrade;
  proxy_set_header Connection        "upgrade";

  location / {
    # proxy all request to AFFiNE instance.
    # modify the port :3010 if you use a different port where AFFiNE instance listens on.
    proxy_pass http://<ip-or-localhost>:3010
  }
}

HTTPS

server {
  server_name <external_url>;

  location / {
    proxy_pass http://<ip-or-localhost>:3010; 
    return 301 https://$host$request_uri; 
  }
}

server {
  listen 443 ssl;
  server_name <external_url>;
  
  ssl_certificate /path/to/your_certification;
  ssl_certificate_key /path/to/your_certification_key;
  
  location / {
    proxy_pass http://<ip-or-localhost>:3010;
  }
}

Caddy

Caddy is a much more straight-forward. It provied integrated HTTPS on the go.

<external_url> {
  reverse_proxy http://<ip-or-localhost>:3010
}

App links

After setting up reverse proxy, AFFiNE should now be available at your own host, like we've set for https://affine.app.pro.

But there is one more thing needs to be done.

Go Admin -> Settings -> Server and set external url to the host you just used in reverse proxy. It used to tell AFFiNE server how to build the links that others can access instance. For example an invitation link or public doc link.

External Url
ON THIS PAGE