Postgres 12 on Ubuntu 20.04 SSL installation

Hi @mishrashreya840, I had to start new answer because we already reached too many replies.

[secondary_label @mishrashreya840 wrote] 
Can you point me to the relevant tutorial pls? 

You can install Nginx on Ubuntu following this tutorial: https://www.digitalocean.com/community/tutorials/how-to-install-nginx-on-ubuntu-20-04

To configure Nginx as reverse proxy you can base on step 7 of the below tutorial. Obviously, you need to modify settings to fit them to your environment. https://www.digitalocean.com/community/tutorials/how-to-configure-nginx-as-a-web-server-and-reverse-proxy-for-apache-on-one-ubuntu-20-04-server

[secondary_label @mishrashreya840 wrote] 
Also, can installing nginx/apache interfere with the running application as that app does not require these running. 

I do not know that. I could imagine conflicts between dependent packages, e.g. the app might require elder versions than nginx but it is rather not that likely. It may be conflict in using TCP ports as well but it is configurable, at least on Nginx side. First, check what adresses and ports the applications listen on:

sudo netstat -tulpn

Look for your app in the result. Nginx is configured by default to listen on all addresses on TCP port 80.

Hi @communityservice, We reached too many replies, so I started a new answer.

@communityservice wrote
sudo netstat -tulpn | grep -e 6000 -e 6001 

resulted in below

tcp 0 0 1.2.3.4:6000 0.0.0.0:* LISTEN 24317/./appname

It looks like before. First of all, you need to change the settings in your app configuration to make it listening on localhost (127.0.0.1), not on public IP address (1.2.3.4 in the example). Otherwise, the configuration I sent you will not work, you will have two services listening on your public IP port 6000, the app and nginx.

@communityservice wrote
anything that I did wrong?
Or was I supposed to add it to some other file? Or maybe creating sym link?

You can add new server blocks to your existing file as well as to a new file. In the first case you do not have to care about creating a symlink.

@communityservice wrote
nginx: [warn] the “ssl” directive is deprecated, use the “listen … ssl” directive instead in /etc/nginx/sites-enabled/domain.com:48

It is just a warning but it would be good to fix it too. What is your directive in line 48 of the file /etc/nginx/sites-enabled/domain.com ?

And remember to restart nginx service after changing its configuration. First check if the syntax of config files is OK, of course :)

sudo nginx -t

sudo systemctl restart nginx

Hi @communityservice, I had to open new answer again :) Sorry I left you without response but I dived into DO’s API and almost drowned :D :D :D

@communityservice/@unicornomy wrote
I have an app (public facing) on http://domain.com:6000 which has various sub URLs like

http://domain.com:6000/subscribe/3423-23452345-fsd-a345-234

and

http://domain.com:6000/unsubscribe/341234-2345-fasdf-1453245 etc.

These URLs are also sent out to subscribers via email and when they are clicked by customers the insecure version (http) with port number open up which really does not look secure and neat. Thus I need to move them to

https://domain.com/subscribe/3423-23452345-fsd-a345-234

and

https://domain.com/unsubscribe/341234-2345-fasdf-1453245

with the action of both the URLs remaining unaffected. I feel this needs to be achieved out of server block setting of nginx, but unable to find a working solution for the same.

What is the website server for your app, working on port 6000 ? Can you provide a result of the command below, pls. ?

sudo netstat -tulpn | grep 6000