Sure, this is what I am using:
upstream app {
server my-node-app.internal:8080;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
ssl_certificate /etc/ssl/SSL_CERT.pem;
ssl_certificate_key /etc/ssl/SSL_KEY.key;
ssl_client_certificate /etc/nginx/certs/cloudflare.crt;
ssl_verify_client on;
# Catch all @see https://nginx.org/en/docs/http/server_names.html#miscellaneous_names
server_name _;
location / {
proxy_pass http://app;
proxy_set_header Host $host;
}
}
So trying something like this should work?
- upstream app {
-
- server my-node-app.internal:8080;
-
-}
server {
listen 443 ssl;
listen [::]:443 ssl;
ssl_certificate /etc/ssl/SSL_CERT.pem;
ssl_certificate_key /etc/ssl/SSL_KEY.key;
ssl_client_certificate /etc/nginx/certs/cloudflare.crt;
ssl_verify_client on;
# Catch all @see https://nginx.org/en/docs/http/server_names.html#miscellaneous_names
server_name _;
location / {
- proxy_pass http://app;
+ set $backend "http://my-node-app.internal:8080"
+ proxy_pass $backend;
proxy_set_header Host $host;
}
}
It mentions a resolver must be configured as well, e.G. resolver 127.0.0.1 [::1]:5353 valid=30s; - what would I set this to on fly.io?
And any idea why I see the app briefly unavailable during deployment even if I am not using cloudflare, a nginx proxy and the internal network but just a standard fly app?
Thanks!