Aug 17th, 2019

Setup reverse proxy with NGINX

Start by installing the NGINX HTTP server using

apt-get install nginx

Once NGINX is installed, create the following configuration file in /etc/nginx/sites-available/glassfish.conf:

vim /etc/nginx/sites-available/glassfish.conf
upstream glassfish { 
  server weight=100 max_fails=5 fail_timeout=5;

server {
  listen          80;
  server_name     domain.tld;
  location / {
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Server $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://glassfish/appname/;

Next, navigate to /etc/nginx/sites-enabled and create a symbolic link to the glassfish.conf configuration file you just created:

cd /etc/nginx/sites-enabled
ln -s /etc/nginx/sites-available/glassfish.conf

Now, check if Nginx configuration syntax is OK by running:

nginx -t

and restart and enable NGINX on your virtual server startup using:

service nginx restart
update-rc.d -f nginx enable

NGINX multiple server blocks

Create separately two files (you don’t have to, but it will be much clearer) in /etc/nginx/sites-available/ and /etc/nginx/sites-available/

As an example to redirect the second one to the first one

server {
  listen        80;
  return  301;

SSL/TLS Certificate

Install certbot

apt-get install python-certbot-nginx

Generate certificates with the NGINX plug‑in

sudo certbot --nginx -d -d

verify the syntax of the configuration and restart NGINX

nginx -t && nginx -s reload

Automatically Renew Certificates

Open the crontab file

crontab -e

Add the certbot command to run every day at noon. The command checks to see if the certificate on the server will expire within the next 30 days, and renews it if so. The –quiet directive tells certbot not to generate output.

0 12 * * * /usr/bin/certbot renew --quiet

Save and close the file. All installed certificates will be automatically renewed and reloaded.

Stop and Remove

#to stop
sudo service nginx stop
#to remove (removes all package files)
sudo apt-get remove nginx
#or (removes all package files and the configuration files that package had installed)
sudo apt-get purge nginx