Nginx

Install

sudo apt update
sudo apt install -y nginx
sudo systemctl enable --now nginx

Nginx comes with a systemd unit; enable --now starts it and auto-starts on boot.

Basic reverse proxy (app on :3000)

Create a server block:

sudo mkdir -p /var/www/example.com
sudo nano /etc/nginx/sites-available/example.com

server {
  listen 80;
  server_name example.com;

  location / {
    proxy_pass         http://127.0.0.1:3000;
    proxy_set_header   Host $host;
    proxy_set_header   X-Real-IP $remote_addr;
    proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header   X-Forwarded-Proto $scheme;
  }
}

Enable and test:

sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/
sudo nginx -t && sudo systemctl reload nginx

This uses proxy_pass from ngx_http_proxy_module.

HTTPS (Let’s Encrypt, auto-configure)

If you installed Certbot (snap installs the recommended build), this one command issues certs and updates Nginx config:

sudo snap install core; sudo snap refresh core
sudo snap install --classic certbot
sudo certbot --nginx -d example.com

Renewal runs via systemd timers; you can check with systemctl list-timers.

Verify

curl -I http://example.com
curl -I https://example.com
sudo nginx -t

Notes

Certbot Nginx plugin docs: Certbot.
Nginx reverse proxy basics & headers: NGINX admin guide.
Managing the Nginx process on Ubuntu (install/start/enable): Ubuntu docs.

Install​

Basic reverse proxy (app on :3000)​

HTTPS (Let’s Encrypt, auto-configure)​

Verify​

Notes​

Install

Basic reverse proxy (app on :3000)

HTTPS (Let’s Encrypt, auto-configure)

Verify

Notes