Codementor Events

Installing Express/Nginx app with SSL using Certbot on Ubuntu 18.04

Published Nov 17, 2018Last updated Nov 19, 2018

This is a quick guide on how to setup NGINX as a reverse proxy in front of an Express.js application and how to have a free SSL certificate using Certbot, all in under 10 minutes!

Node.js & Express

Installing Node.js 10.x

curl -sL https://deb.nodesource.com/setup_10.x | sudo -E bash -
sudo apt-get install -y nodejs

Creating a basic Express app

mkdir my-app
cd my-app
npm init # Fill the form
npm install express

Create an index.js file and paste the following:

nano index.js
'use strict';

const express = require('express');
const app = express();

app.get('/', (req, res) => {
  res.send('Express/Nginx/Certbot tutorial');
});

app.listen(3001);

Install PM2

PM2 is a Node.js process manager that will run our app on the background & restart it on boot/crash.

sudo npm install -g pm2
sudo pm2 startup
sudo pm2 start index.js
sudo pm2 save

We can check that our app is running visiting http://yourdomain.com:3001 (You don't have an SSL certificate yet so https won't work)

Installing & Setting up Nginx

sudo apt install nginx

Now we have to create a server configuration

sudo nano /etc/nginx/sites-available/yourdomain.com.conf

And copy the following:

server {
  listen 80;
    
  server_name yourdomain.com www.yourdomain.com;
    
  location / {
    proxy_pass http://localhost:3001; # Change the port if needed
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection 'upgrade';
    proxy_set_header Host $host;
    proxy_cache_bypass $http_upgrade;
  }
}

Nginx lacks the command a2ensite that apache2 has on Ubuntu, so we have to create the symlink running the following command:

sudo ln -s /etc/nginx/sites-available/yourdomain.com.conf /etc/nginx/sites-enabled/

After that, we need to run:

sudo service nginx restart # or reload

To check Nginx installation visit: http://yourdomain.com

You will need to see the Express application being served.

Certbot:

Installation

sudo apt update
sudo apt install software-properties-common
sudo add-apt-repository ppa:certbot/certbot
sudo apt update
sudo apt install python-certbot-nginx 

Getting the certificate:

sudo certbot --nginx

The command will automatically detect the domain/s used in the server_name directive of the nginx conf.

After the execution you will have a certificate & the Nginx configuration will be changed automatically to use it.

Restart Nginx

sudo service nginx restart

And now go to: https://yourdomain.com

Discover and read more posts from Marcos Casagrande
get started
post comments6Replies
ffd8
4 years ago

Thanks for the guide, super fast and clear instructions! Only question is, with these instructions for installing certbot, will it auto renew the certificates? Guessing it’s supposed to be done every 60 days or so? I couldn’t find anything in the crontab…

Sasi PHP
5 years ago

Hi Marcos I followed the above steps, but 502 bad gateway error coming on this domain https://beta.havehalalwilltravel.com

But this link working fine: https://beta.havehalalwilltravel.com:3002/

But I want my app working on https://beta.havehalalwilltravel.com

Marcos Casagrande
5 years ago

Bad gateway means that Nginx can’t communicate correctly with the application. I’ll need to see your nginx conf.

Jonas Grøndahl
6 years ago

Very cool! I followed the guide, everything went through, no errors. SSL still not working though? It takes some time to propogate or should it work immediately?

Marcos Casagrande
6 years ago

If you can access with HTTP (port 80), then the DNS is propagated and HTTPS should work.

Don’t forget to restart Nginx, and make sure you don’t have a firewall blocking port 443.

Jonas Grøndahl
6 years ago

Thank you, it was a firewall problem 😁

Show more replies