Thinking of moving my app to Nginx Reverse Proxy Question

Right now I’m running on AWS with the following setup:

  • Route53
  • ELB
  • EC2 (Nginx / Elixir App)
  • Aurora (PostgreSQL)

Right now this is managed by Terraform, and really overall is just a bit too complicated for my needs, especially if I want to start scaling.

I’m wondering what the best approach is for structuring apps in Fly. One requirement I have is that everything lives under the same domian (here is our current setup:

  • (nginx reverse proxy to a netlify app)
  • (nginx reverse proxy to an AWS hosted wordpress blog)
    • This includes locations for wp-admin, and other WP specific things.
  •* A Phoenix / LiveView app.

Moving the blog and info routes to a subdomain is not an option for me unfortunately.

Here is the root of my question:
Should I have a separate Nginx Fly app that only serves as the reverse proxy, and then forward traffic to a separate fly app running the Elixir code? Or should I attempt to pack both into one container, and run them together?

I’m leaning towards separate apps, as I think it makes more sense, and is less complicated to maintain. My main worry is if the internal DNS resolution is capable of load balancing appropriately, especially during rolling redeploys.

One of my main reasons for moving to Fly is to make scaling, and zero downtime deploys easy.

Are you definitely going to use nginx for this? We actually have a similar setup, but do all proxying with Phoenix and ReverseProxyPlug. It’s super easy to test locally.

NGINX should work ok. I would also be concerned about making it use internal DNS for load balancing, it’s almost deliberately difficult to use do intelligent DNS lookups in free NGINX because they’ve put so many features behind paid NGINX. The best bet might just to be do something like:

set $origin "http://nearest.of.<app>.internal";
proxy_pass $origin;

And test it with a few deploys. HAProxy is much easier to configure for this, if you end up not liking how NGINX works.

1 Like

I’m not set on Nginx (it’s just what we have working right now). I’ll have to check out ReverseProxyPlug. That sounds like a much easier route. I was mainly trying to keep non-app traffic off the Elixir app, but I’ll take speed and and ease of management over that ideal for now.