Hey @workinonit530, thank you for writing to us. Sorry for the delay in getting back.
Perhaps yes, but for exposing services on the public Internet, there’s no such thing as too much paranoia. You don’t have to expose Appsmith to the outside world. You can just have it available in your VPN or Intranet or LAN or whatever. But please do ensure that Appsmith will have access to Internet.
That should be okay. I don’t recall an instance that was setup exactly like that, unfortunately, but we have seen instances where Appsmith was set behind an SSL-terminating reverse proxy. Like ALB etc. NGINX shouldn’t be any different. An initial config fragment might look something like this:
I have one more question. Anything I need to do to get Google Oauth2 working behind nginx? I can see that the internal IP of the server that was proxied to is returned and Google doesn’t like that.
Hey, actually, no. It should work well enough. Can you double-check if your NGINX is set to send the X-Forwarded-Host header correctly? This is included in my example config in my previous message.
It is set in my nginx config. I feel like I am taking up too much of your time. We are not paying customers yet so maybe I’ll just keep working on creating an app and open some support tickets once we are ready to go live.
But if you don’t mind helping, I also noticed that while appsmith works on port 8080, it does not work on port 8443. So I am sure I have a few things that I am just doing wrong. I can post configs if it helps.
Hey @workinonit530, sorry missed your reply. Not working on another port is odd indeed. If you are still facing this issue, can you share the config so I can try reproduce please? Thanks!
Don’t worry about taking up too much time. I respond when I can. That’s the beauty of communicating async.
I think I have it working. First I had to get my SSL cert under control (no thanks to GoDaddy and their non fully chained certs). I took a look at this thread and modified my nginx config.
As long as this works I guess I don’t have to have Appsmith running on port 8443. I appreciated the work done on that other post. It really helped me understand what Appsmith does to generate SSL certs (or not as the case may be).
Hey @harsha-vahan, awesome, thank you for doing the change and confirming the fix. I’ve merged it in, but and should be a part of next week’s release. Thanks again!
if you’re talking about v1.8.5 from nine days ago, that didn’t have the fix @sharat87 linked to above. v1.8.6 going out tomorrow has the fix. apologies for the delay.