Merge pull request #33 from DougAnderson444/master

updated readme

README.md

@@ -70,8 +70,37 @@ If you want to expose your store to the internet, specify the `--expose-to-inter
 
 You should probably combine this with the authorization flags so that random people don't abuse your store.
 
+#### NGINX Tips
+
 You should also consider putting your store behind NGINX with a letsecrypt certificate so that "Man In the Middle" attacks can't steal your login credentials or dat URLs.
 
+If you use NGINX, make sure your `/etc/nginx/sites-available/your-pinning-server.com` server config file looks something like this. For example, to redirect your traffic of `mydatstore` subdomain to the default port 3472 for `dat-store`:
+```shell
+server {
+  server_name mydatstore.my-pinning-server.com;
+
+  location / {
+    proxy_pass http://localhost:3472;
+    proxy_set_header    Host            $host;
+    proxy_set_header    X-Real-IP       $remote_addr;
+    proxy_set_header    X-Forwarded-for $remote_addr;
+    port_in_redirect    off;
+    proxy_http_version  1.1;
+    proxy_set_header    Upgrade         $http_upgrade;
+    proxy_set_header    Connection      "Upgrade";
+  }
+
+    listen 80;
+    listen [::]:80;
+
+    listen [::]:443 ssl; # managed by Certbot
+    listen 443 ssl; # managed by Certbot
+
+    # ... Certbot managed cerificate stuff down here ...#
+}
+```
+The fastify server will take care of the rest of your serving needs for the store.
+
 ### How do I make it run in the background?
 
 #### Linux (SystemD)