NGINX, Letsencrypt, Reverse Proxies, Open to the Internet?

Issue

As a user testing Appsmith on-prem, I had concerns about exposing the server to ports 80 and 443 directly to the internet. I wanted to set up nginx to proxy connections and terminate SSL for Appsmith in our DMZ. I also had questions about using LetsEncrypt on the nginx proxy and configuring Google Oauth2. The Appsmith team provided helpful guidance and a fix for the Google Oauth2 issue, which was eventually released in a patch. Overall, the experience was positive and the team was responsive to my needs.

Resolution

The fix for the issue with Google OAuth2 not working behind NGINX is to modify the code manually in the Docker image. The issue was later fixed in Appsmith version 1.8.6.

The solution involved configuring NGINX to send the X-Forwarded-Host header correctly, modifying SSL certificate settings, and ensuring Appsmith had access to the internet. The NGINX config code example was provided in the conversation.

Updated

NGINX, Letsencrypt, Reverse Proxies, Open to the Internet?

Issue

Resolution

Related solutions

`PKIX Path Building Failed` Error and APIs Failing Although CA Certificates Are Added

Unable to Renew Appsmith's Expired SSL Certificate Because of Blocked Ports

Unable to Start Appsmith Instance: /Appsmith-Stacks/Configuration/Docker.env: Line <X>: <Random>: Command Not Found