nginxnginx-reverse-proxylets-encrypt

How to SSL multiple ports on same server for single domain name using nginx

I am using let's encrypt to get SSL certificates and nginx as reverse proxy. Below is my nginx conf file that I am using :

server { 
    listen 443 http2 ssl; 
    server_name example.com; 
    access_log /var/log/nginx/example.com.log; 
    error_log /var/log/nginx/example.com.log; 
    location /.well-known/acme-challenge/ { 
        root /var/www/html/grafana; # Temp for generating letsencrypt 
        default_type text/plain; 
    } 
    
    location / { 
        proxy_set_header Host $host:$server_port; 
        proxy_set_header X-Real-IP $remote_addr; 
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
        proxy_set_header X-Forwarded-Proto $scheme; 
    
        #Fix the “It appears that your reverse proxy set up is broken” error. 
    
        proxy_pass http://127.0.0.1:3000; 
        proxy_read_timeout 90; 
        proxy_redirect http://127.0.0.1:3000 http://example.com/; 
    
        #Required for new HTTP-based CLI 
    
        proxy_http_version 1.1; 
        proxy_request_buffering off; 
    } 
    
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot 
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot 
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot 
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot 
} 
    
server { 
    if ($host = example.com) { 
        return 301 https://$host$request_uri; 
    } # managed by Certbot 
    
    listen 80; 
    server_name example.com; 
    return 404; # managed by Certbot 
}

============

My requirement here is :

I am running multiple applications on this server such as Jenkins, Gitlab, Grafana. And these applications are listening on different ports. The above file lets me redirect https://example.com to http://example.com:3000. But I would like to redirect my connections like this :

https://example.com:3000 -> http://example.com:3000
https://example.com:8080 -> http://example.com:8080
https://example.com:81 -> http://example.com:81

I have seen an environment doing it. But can't figure out how this was done.

Solution

  • I see a lot of people asking similar questions. I was able to figure out the solution and posted in my blog:

    https://the-tech-guy.in/2021/09/20/setup-ssl-certificate-for-multiple-ports-nginx-letsencrypt/