Nginx configuration setup

nginx-link-port.md

Nginx Configuration Setup

Install Nginx

sudo apt update
sudo apt install nginx

Link port with domain

Open this file in nano or vim /etc/nginx/nginx.conf

http{
  server{
    listen 80;
    server_name DOMAIN.com www.DOMAIN.com;
    location / {
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header Host $http_host;
      proxy_pass http://<IP_ADDRESS>:<PORT>; # Example http://127.0.0.1:3000
    }
  }
}

After updating nginx.conf apply this commands
Test nginx.conf sudo nginx -t
Restart nginx service sudo systemctl restart nginx or sudo service nginx restart
Check nginx status sudo systemctl status nginx or sudo service nginx status

Issue ssl certificate from certbot

Ref: https://www.nginx.com/blog/using-free-ssltls-certificates-from-lets-encrypt-with-nginx/

Install certbot

sudo apt-get update
sudo apt-get install certbot
sudo apt-get install python-certbot-nginx ( Use python3-certbot-nginx if python3 is installed already )

Obtain the SSL/TLS Certificate

sudo certbot --nginx -d DOMAIN.com -d www.DOMAIN.com

It'll handle the required modification for https in nginx.conf

Automatically Renew Let’s Encrypt Certificates

crontab -e 0 12 * * * /usr/bin/certbot renew --quiet

Manually setup SSL and https configuration on nginx

http{
  server{
    listen 80;
    server_name DOMAIN.com www.DOMAIN.com;
    return 301 https://$server_name$request_uri;
  }

  server {
    listen 443 ssl;
    server_name DOMAIN.com www.DOMAIN.com;

    ssl_certificate /etc/letsencrypt/live/spotcodes.in/cert.pem;
    ssl_certificate_key /etc/letsencrypt/live/spotcodes.in/privkey.pem;

    location / {
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header Host $http_host;
      proxy_pass http://<IP_ADDRESS>:<PORT>; # Example http://127.0.0.1:3000
    }
  }
}

---

Test SSL certificate installation

https://www.geocerts.com/ssl-checker

Usefull links and credits

• https://www.nginx.com/blog/using-free-ssltls-certificates-from-lets-encrypt-with-nginx/#auto-renewal
• https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-18-04
• https://levelup.gitconnected.com/how-to-install-ssl-certificate-for-nginx-server-in-amazon-linux-2986f51371fb
• https://www.youtube.com/watch?v=X3Pr5VATOyA

I followed your guide to set up Nginx with SSL on my Ubuntu server, but I ran into a couple of issues. Initially, the Nginx configuration test failed due to a syntax error in nginx.conf. I realized I hadn't replaced <IP_ADDRESS> and in the proxy_pass directive properly. After fixing that, the sudo nginx -t command worked perfectly.

Another problem was with the SSL certificate issuance using Certbot. I received an error related to my domain verification. It turns out my DNS records were not correctly pointing to my server's IP. Once I updated the A records, Certbot successfully generated the certificates.

Also, for the automatic renewal, adding the certbot renew command to the crontab worked as expected. However, I'd recommend running a dry-run first (sudo certbot renew --dry-run) to ensure the setup is error-free.

The provided resource for testing the SSL certificate (GeoCerts SSL Checker) was extremely helpful in verifying the installation.

For anyone else facing similar challenges, this detailed guide on How to Install Nginx on Ubuntu could be a great starting point.

Thanks for including useful links like Let's Encrypt on Nginx. They really helped clarify a lot of the steps, especially for SSL setup!

Would appreciate more troubleshooting tips for common issues during Certbot and Nginx setup. 😊