Hi, when I run a Node.js app on AWS EC2, I usually run it behind an Nginx reverse proxy to avoid exposing Node.js directly to the internet.
Should I do the same here?
I understand that every Fly.io machine runs behind a proxy (Fly proxy). Is this enough to provide the same level of security that Nginx offers?
Thanks
Fly proxy has nothing to do with making your app private. To do so, you can release the public ips. You can proxy all your private apps under a single nginx server and add some basic auth or whitelist ips there.
The app is public, I want to know what is the best practice to expose a Nextjs app in fly.io.
I would rather not use nginx if I don’t need to.
I was confused by this.
You do not need nginx in front of your app. Fly will expose your via your fly.toml config: App configuration (fly.toml) · Fly Docs
When you fly launch, it should auto detect your nextjs app and auto config most things.