why use Nginx?
Setup - Starting State
- you have a webapp running on a ec2 instance with a public IP running 80.
- your webapp is running in sudo mode.
- You can access it from browser and security rules are correctly setup
End State
- Webapp will be running as normal user on port 3000 (or any other port of your choice)
- Map the traffic from namecheap to your public ec2 instance.
- use nginx as a web server to route traffic to rails app.
- use certbot to enable https endpoint.
The process
Map Your dns record to your public IP
- map your dns record and set the TTL to 1 min. After that you can check a tool like dnschecker to check the dns propagation.
- Once the dns is propagated, you should be able to access your app through the http domain name.
Install ngnix web server
Why do we need nginx ?
- It allows us to seperate webserver specific config and logic to be handles by nginx.
- allows to use same box for serving different domains and subdomains.
- allows us to run multiple apps (python apps, ruby apps) on the same box.
- allows us to run our app as a normal user (not sudo)
Install nginx by running apt-get install nginx
create a file /etc/nginx/sites-available/dubscale.conf and write the following config
server {
server_name dubscale.com;
port 80
location / {
proxy_pass http://127.0.0.1:3000;
}
}
and create a soft link in /etc/nginx/sites-enabled/dubscale.conf
This means that server is accepting traffic only at port 80 and from dubscale.com and redirecting it to localhost at port 3000.
Now, run the webapp at port 3000 with non-sudo user.
Start nginx server by running sudo service nginx start
Install certbot
Now, we will install certbot and configure ssl certificate to enable SSL certificate to the end user.
- Install certbot by
snap install --classic certbot. - Run
certbot - It will ask for your emaild id and issue the SSL certificate and also configure the nginx config.
- Verify that your site is now accessible though https domain name.