An Nginx reverse proxy sits in front of your applications (n8n, Node.js, Flask, etc.) and handles incoming web traffic. It lets you run multiple apps on one server, add SSL, and serve apps on port 80/443 instead of obscure ports like 5678.
Step 1: Install Nginx
SSH into your server and run:
apt update && apt install nginx -y (Ubuntu/Debian)
Verify Nginx is running: systemctl status nginx
Step 2: Create a Server Block for Your Domain
- Create a new config file:
nano /etc/nginx/sites-available/yourdomain.com
- Paste this configuration (replace yourdomain.com and the port number with your app's port):
server {
listen 80;
server_name yourdomain.com www.yourdomain.com;
location / {
proxy_pass http://127.0.0.1:5678;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
- Enable the site:
ln -s /etc/nginx/sites-available/yourdomain.com /etc/nginx/sites-enabled/
- Test the config and reload Nginx:
nginx -t && systemctl reload nginx
Step 3: Add SSL with Certbot (Free Let's Encrypt)
- Install Certbot:
apt install certbot python3-certbot-nginx -y
- Get and install a certificate:
certbot --nginx -d yourdomain.com -d www.yourdomain.com
- Follow the prompts. Certbot automatically updates your Nginx config to use HTTPS.
- Test auto-renewal:
certbot renew --dry-run
Common Use Cases for Nginx Reverse Proxy on Hordanso VPS
- Serve n8n at https://n8n.yourdomain.com (proxy_pass to 127.0.0.1:5678)
- Serve Grafana at https://grafana.yourdomain.com (proxy_pass to 127.0.0.1:3000)
- Serve a Node.js/Express app at https://api.yourdomain.com (proxy_pass to 127.0.0.1:3000)
Note: Make sure your domain's DNS A record points to your VPS IP before running Certbot. Let's Encrypt verifies domain ownership via HTTP before issuing the certificate.
