Hey Folks,
My first experience with Phoenix is coming full circle. The marketing website I’ve been developing for my company is complete, fully functional and the only thing left to do is set up SSL/TLS on my production machine.
Deployment Setup
The marketing website, which will eventually be turned into online design software, is hosted entirely on Amazon Web Services. I’m using a PostgreSQL RDS instance for my database and am pushing the compiled release directly to a Linux EC2 instance. I’m NOT using Amazon ECS or any container technology such as Docker. I wanted to keep the initial release as simple as possible, but will probably use it in future releases when I pin down a proper CI pipeline for the project.
As it stands the release is compiled on an EC2 staging environment, copied and then started on the production machine of the same OS (Ubuntu) and hardware. The running instance currently runs on port 4000. I’m running NGINX as a service to listen for inbound requests on port 80 and proxying the requests to port 4000. My question is regarding where and how to set up SSL/TLS? The way I see it, I have two options. I can add SSL/TLS to the project’s config/prod.exs or config/runtime.exs and set force_ssl:.
The second option would be to configure SSL/TLS inside the NGINX server configuration and link to the private/public SSL certificate and key within this configuration. The Phoenix project would keep the same configurations and NGINX would simply just proxy the requests from port 443 to port 4000.
This is the last piece of the puzzle for my Phoenix application. Please let me know which approach is best practice, if I’m missing something important, or if there’s simply just a better way to do this.
Regards,
Scott