Question

App to Droplet routing

I have a static website deployed in the App Platform. This website will have a domain name with Let’s Encrypt SSL configured. My Domain name is hosted on Namecheap, routing emails to another destination. I will add the required records to route non-email requests to the DO App.

This app clients will call a NodeJS back-end service, that will be hosted on a Droplet. This is totally in the back not serving any front-end users.

This Droplet service will have three folders for DEV, TST and PRD environments, probably with different port numbers, hosting the NodeJS service code in each folder.

I want to save the trouble of adding a domain name and an SSL certificate for this Droplet, by somehow using the main front-end web app existing SSL’ed domain, and somehow route the Droplet requests to the Droplet.

Is this something I can do? Is this internal routing can be secured or must it go outside the DO “LAN”? What do I need to configure in order to achieve this?

Thanks! Mor


Submit an answer


This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Bobby Iliev
Site Moderator
Site Moderator badge
March 25, 2024

Hey!

I don’t think that this is technically possible, as your frontend app will essentially run on your customers’ machines when they visit the static site via their browsers. This means that the client machines will be making the requests to the backend, which needs to be publicly accessible.

For this to work, you would need to have a proxy or a load balancer to handle your SSL termination.

What I would personally do is to use Nginx as a reverse proxy for my backend services which will also handle the SSL termination.

You can use Let’s Encrypt with certbot to automate your SSL certificates so you would essentially only need to run the certbot commands once and then it will handle the renewals for you:

https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-20-04

Hope that this helps!

Best,

Bobby

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up

Featured on Community

Get our biweekly newsletter

Sign up for Infrastructure as a Newsletter.

Hollie's Hub for Good

Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.

Become a contributor

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Welcome to the developer cloud

DigitalOcean makes it simple to launch in the cloud and scale up as you grow — whether you're running one virtual machine or ten thousand.

Learn more