My first experience with Phoenix is coming full circle. The marketing website I’ve been developing for my company is complete, fully functional and the only thing left to do is setup
SSL/TLS on my production machine.
The marketing website, which will eventually be turned into online design software, is hosted entirely on Amazon Web Services. I’m using a
PostgreSQL RDS instance for my database and am pushing the compiled release directly to a
Linux EC2 instance. I’m NOT using
Amazon ECS or any container technology such as
Docker. I wanted to keep the initial release as simple as possible, but will probably use it in future releases when I pin down a proper CI pipeline for the project.
As it stands the release is compiled on an
EC2 staging environment, copied and then started on the production machine of the same OS (Ubuntu) and hardware. The running instance currently runs on port
4000. I’m running
NGINX as a service to listen for inbound requests on port
80 and proxying the requests to port
4000. My question is regarding where and how to setup
SSL/TLS? The way I see it, I have two options. I can add
SSL/TLS to the projects
config/runtime.exs and set
The second option would be to configure
SSL/TLS inside the
NGINX server configuration and link to the private/public SSL certificate and key within this configuration. The Phoenix project would keep the same configurations and
NGINX would simply just proxy the requests from port
443 to port
This is the last piece of the puzzle for my Phoenix application. Please let me know which approach is best practice, If I’m missing something important, or if there’s simply just a better way to do this.