Reverse Proxy and NGINX Configuration
This document describes how NGINX is configured on the Hadox VPS to serve multiple containerized applications using a reverse proxy setup.
NGINX Overview
- Location:
/etc/nginx/sites-available/ - Enabled via symlink:
/etc/nginx/sites-enabled/ - HTTPS: Managed via Certbot and Let's Encrypt
- Reverse proxy: Routes external domains to local Docker ports
Active Domain Proxies
madlabs.hadox.org
- Forwarded to: Docker container
madlabs_django - Internal port:
8001 - SSL: Yes
- NGINX config file:
madlabs.hadox.org
polisplexity.tech
- Forwarded to: Docker container
polisplexity_django - Internal port:
8001 - SSL: Yes
- NGINX config file:
app.polisplexity.tech
monitor.hadox.org
- Forwarded to: Netdata container
- Internal port:
19999 - SSL: Yes
- NGINX config file:
monitor.hadox.org
docs.hadox.org
- Forwarded to: MkDocs container
- Internal port:
8005 - SSL: Yes
- NGINX config file:
docs.hadox.org
SSL Management
- Tool: Certbot (
sudo certbot --nginx -d your.domain) - Renewal: Automatic cron job via Certbot
- Certificates:
- Path:
/etc/letsencrypt/live/{domain}/fullchain.pem - Key:
/etc/letsencrypt/live/{domain}/privkey.pem
Common Commands
# Test NGINX config
sudo nginx -t
# Reload after changes
sudo systemctl reload nginx
# Force renew SSL
sudo certbot renew --force-renewal
Notes
- Each domain maps to a specific Docker container via internal port binding.
- Ensure Docker containers expose the proper internal ports and that NGINX matches them.
- Always verify with
nginx -tbefore reloading configuration.