Category: Deployment
Updated

This solution is summarized from an archived support forum post. This information may have changed. If you notice an error, please let us know in Discord.

NGINX, Letsencrypt, Reverse Proxies, Open to the Internet?

Issue

As a user testing Appsmith on-prem, I had concerns about exposing the server to ports 80 and 443 directly to the internet. I wanted to set up nginx to proxy connections and terminate SSL for Appsmith in our DMZ. I also had questions about using LetsEncrypt on the nginx proxy and configuring Google Oauth2. The Appsmith team provided helpful guidance and a fix for the Google Oauth2 issue, which was eventually released in a patch. Overall, the experience was positive and the team was responsive to my needs.

Resolution

The fix for the issue with Google OAuth2 not working behind NGINX  is to modify the code manually in the Docker image. The issue was later fixed in Appsmith version 1.8.6.

The solution involved configuring NGINX to send the X-Forwarded-Host header correctly, modifying SSL certificate settings, and ensuring Appsmith had access to the internet. The NGINX config code example was provided in the conversation.