nginx-proxy

# It is often useful to install a webserver such as nginx (https://www.nginx.com/) in front of web applications running on a server.
# Doing so provides some important benefits:
# - You can have multiple applications listening on single port
# - Your web applications can be run by non-privileged users and listen on non-priviliged ports but still be accessible on ports such as 80 and 443 
# - Restarting nginx is much faster than restarting the web application in the case where you need to update an SSL cert

# Example nginx vhost config for acting as a proxy
# Listens on ports 80 (http) and 443 (https) for example.com and www.example.com and forwards to localhost:8080 (http) and localhost:8443(https)
server {
    listen 80;
    server_name www.example.com example.com;
    error_log  /var/log/nginx/example.com.error.log error;

    return 301 https://www.example.com$request_uri;
}

server {
    listen 443 ssl;
    server_name example.com;
    error_log  /var/log/nginx/example.com.error.log error;
    ssl_certificate /etc/letsencrypt/live/www.example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/www.example.com/privkey.pem;

    return 301 https://www.example.com$request_uri;
}

server {
    listen      443 ssl;
    server_name www.example.com;
    error_log  /var/log/nginx/example.com.error.log error;
    ssl_certificate /etc/letsencrypt/live/www.example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/www.example.com/privkey.pem;

    location / {
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_set_header X-NginX-Proxy true;
        proxy_pass https://127.0.0.1:8443/;
        proxy_redirect off;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
}