I’m trying to run Phoenix 1.5 with Nginx reverse proxy with Let’s Encrypt SSL and having little success with the configuration. I’m using edeliver to deploy, which seems to be working fine. This may be because the tutorials or configs I’m using are outdated, but it seems to be right from my end. I started with these tutorials Setting up Phoenix…2016, Nginx config w/ phx
This is what I have for my Nginx config (gist link):
upstream phoenix_upstream {
server 127.0.0.1:4000;
}
server {
listen 80;
server_name espresso.kickinespresso.com;
return 301 https://$server_name$request_uri;
}
server {
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl;
server_name espresso.kickinespresso.com;
ssl_certificate /etc/letsencrypt/live/espresso.kickinespresso.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/espresso.kickinespresso.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://phoenix_upstream;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
Here is my config/prod.exe
for the endpoint (gist link:
config :espresso, EspressoWeb.Endpoint,
http: [port: 4000],
check_origin: false,
cache_static_manifest: "priv/static/cache_manifest.json",
server: true,
code_reloader: false
I’m also not sure if I should have other configurations in the Endpoint for URL or port. I’ve seen configurations where the url is specified like this: url: [host: "espresso.kickinespresso.com", port: 443],
but if it is a proxy_pass
from nginx shouldn’t this not matter? I’ve also seen configurations where the IP is specified for localhost like http: [ip: {127, 0, 0, 1}, port: 4000],
I’m at a bit of a loss as of how to troubleshoot this since I can’t really find any logs from nginx in /var/log/nginx/
that show any issues. The erlang log /home/espresso/app_release/espresso/var/log
also isn’t providing anything back.
Has anyone done anything similar?