KiloClawPowered by OpenClaw
Back to Cookbook

Nginx Whisperer

Generate and debug nginx configs without the Stack Overflow scavenger hunt

Describe what you want (reverse proxy, load balancer, SSL termination, rate limiting) and get a validated nginx config. Also debugs existing configs — explains the confusing location block matching, if-is-evil pitfalls, and proxy_pass trailing slash gotchas.

House RecipeWork1 min

INGREDIENTS

🐙GitHub

PROMPT

Create a skill called "Nginx Whisperer". Help me generate, debug, and optimize nginx configurations: Mode 1 — Generate: When I describe what I need (reverse proxy to backend on port 3000, SSL with Let's Encrypt, rate limiting, etc.), generate a complete nginx config with: - Proper server blocks with listen directives - TLS configuration appropriate for the nginx/OpenSSL version in use - Reverse proxy with correct headers and websocket support if needed - Rate limiting and security headers - Comments explaining each directive Mode 2 — Debug: When I paste an existing config or describe a problem, analyze it for: - Location block matching issues (explain the priority: = > ^~ > ~ > none) - `proxy_pass` trailing slash behavior - "if is evil" violations - Missing security headers - Performance optimizations (gzip, caching, buffer sizes) Always validate with `nginx -t` if nginx is available on the system.

How It Works

Nginx has 80,000+ questions on Stack Overflow because its config syntax is

powerful but treacherous. This skill generates correct configs from plain

English and explains the "why" behind every directive.

What You Get

  • Config generation from plain English descriptions
  • SSL/TLS configuration with modern cipher suites
  • Reverse proxy setup with proper headers (X-Real-IP, X-Forwarded-For, etc.)
  • Rate limiting and connection limiting
  • Location block matching explanation (= vs ~ vs ^~ vs none)
  • Syntax validation via `nginx -t`
  • Security headers (HSTS, CSP, X-Frame-Options)

Setup Steps

  1. Describe what you need: reverse proxy, SSL, load balancing, static files, etc.
  2. Review the generated config and the explanation of each directive
  3. Validate with `nginx -t` if nginx is available
  4. Deploy and test

Tips

  • Always use `nginx -t` to validate before reloading
  • The trailing slash on proxy_pass changes path behavior — this is the #1 gotcha
  • Use `return 301` instead of `rewrite` when you can — it's simpler and faster
  • Ask your Claw to explain location block matching order — it's non-intuitive
  • Request a security audit of existing configs to catch common misconfigurations
Tags:#nginx#web-server#configuration#devops

Related Recipes

Pipeline Paramedic

Stop the push-and-pray CI debugging loop

Paste your failing pipeline config and the error log. Your Claw spots YAML mistakes, platform-specific gotchas, and likely root causes before you burn another CI run.

Work1 min

Dockerfile Doctor

Faster builds, smaller images, fewer headaches

Paste your Dockerfile and get it back cleaner, smaller, and easier to cache. Good starter recipe for developers because the advice is concrete and the output is easy to compare against the original.

Work1 min

Source Hunter

Real sources, named experts, actual quotes

Deep research that finds primary sources with named individuals, community sentiment from Reddit/HN/X, and news coverage. No summaries of summaries — actual quotes with URLs.

Creative1 min

Portfolio Site Generator

A professional portfolio site from your resume in 10 minutes

Generate a simple portfolio site from your resume and projects — especially useful for developers, designers, writers, and other portfolio-driven roles.

Creative10 min