nginx.conf

#user html;
worker_processes  1;

# sudo -u html nginx -p. -c nginx.conf [-s reload]

error_log  nginx/error.log;
error_log  nginx/error.log  notice;
error_log  nginx/error.log  info;

pid        nginx/nginx.pid;

events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    #default_type  application/octet-stream;
    default_type  text/plain;

    client_body_temp_path nginx/client-body;
    proxy_temp_path nginx/proxy;
    fastcgi_temp_path nginx/fastcgi;
    uwsgi_temp_path nginx/uwsgi;
    scgi_temp_path nginx/scgi;

    access_log nginx/access.log;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                     '$status $body_bytes_sent "$http_referer" '
                     '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    gzip  on;

    server {
        listen       5080;
        server_name  localhost;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {
            proxy_pass http://localhost:5088;
        }

        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        #error_page   500 502 503 504  /50x.html;

        location ~ ^(?<path>/p/[0-9a-z]+/)signup$ {
            proxy_pass http://localhost:5088;
        }

        location /p/ {
            if ($cookie_jupyter_port !~ ^[0-9]+$) {
                return 403 'no jupyter_port';
            }
            proxy_set_header Host $http_host;
            proxy_set_header Origin $scheme://$http_host;
            proxy_pass http://[::1]:$cookie_jupyter_port;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
        }

        location ~ ^/p/[0-9a-z]+/lab/static/(?<static_file>.*) {
            rewrite /p/.* /static/$static_file permanent;
	}

        location /static/ {
            alias asset/;
        }
    }


    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen       8000;
    #    listen       somename:8080;
    #    server_name  somename  alias  another.alias;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}


    # HTTPS server
    #
    server {
        listen       5443 ssl;
        server_name  _;

        ssl_certificate      letsencrypt/fullchain.pem;
        ssl_certificate_key  letsencrypt/privkey.pem;

        ssl                  on;
        ssl_protocols        TLSv1 TLSv1.1 TLSv1.2;
        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;

        ssl_ciphers  HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
        ssl_prefer_server_ciphers  on;

        error_page 497  https://$http_host$request_uri;

        location / {
            proxy_set_header        Host $http_host;
            proxy_set_header        Origin $scheme://$http_host;
            proxy_set_header        X-Real-IP $remote_addr;
            proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header        X-Forwarded-Proto $scheme;
            proxy_http_version      1.1;
            proxy_set_header        Upgrade $http_upgrade;
            proxy_set_header        Connection "upgrade";

            # Fix the “It appears that your reverse proxy set up is broken" error.
            proxy_pass          http://localhost:5080;
            proxy_read_timeout  90;

            proxy_redirect      http://$host:5080 https://$http_host;
        }
    }

}