Deploying a Full Node.js Application with NGINX and SSL Using Lets Encrypt

Node.js is a popular open-source, cross-platform runtime environment that allows developers to build server-side applications using JavaScript. In this tutorial, we will learn how to deploy a Node.js application with NGINX as a reverse proxy and SSL encryption using Let’s Encrypt.

Step 1: Install NGINX

First, we need to install NGINX on our server. You can do this by running the following commands:

sudo apt update
sudo apt install nginx

After the installation is complete, start the NGINX service by running:

sudo systemctl start nginx

You can also enable NGINX to start automatically on boot by running:

sudo systemctl enable nginx

Step 2: Install Node.js

Next, we need to install Node.js on our server. You can do this by following the official installation instructions for your operating system, or you can use a Node version manager like nvm.

If you are using nvm, you can install the latest LTS version of Node.js by running:

nvm install --lts

Step 3: Deploy Node.js Application

Now, it’s time to deploy your Node.js application on the server. You can do this by copying your application files to a directory on your server. For example, you can create a directory at /var/www/myapp and copy your app files there.

sudo mkdir /var/www/myapp
sudo cp -r /path/to/your/app/* /var/www/myapp

Once your files are copied, navigate to the directory and install the required dependencies by running:

cd /var/www/myapp
npm install

You can start your Node.js application by running:

node app.js

Step 4: Configure NGINX as a Reverse Proxy

Next, we need to configure NGINX to act as a reverse proxy for our Node.js application. Create a new configuration file for your app by running:

sudo nano /etc/nginx/sites-available/myapp

Add the following configuration to the file:

server {
    listen 80;
    server_name example.com;

    location / {
        proxy_pass http://localhost:3000; # Change the port if your app runs on a different port
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

Save and close the file. Then, create a symbolic link to enable the configuration by running:

sudo ln -s /etc/nginx/sites-available/myapp /etc/nginx/sites-enabled

Finally, restart NGINX to apply the changes by running:

sudo systemctl restart nginx

Step 5: Set Up SSL Encryption with Let’s Encrypt

To secure your website with SSL encryption, we can use Let’s Encrypt, a free and automated certificate authority. Start by installing the Certbot client by running:

sudo apt install certbot python3-certbot-nginx

Next, run the following command to request a new SSL certificate for your domain:

sudo certbot --nginx -d example.com

Follow the on-screen instructions to complete the certificate installation. Once the certificate is installed, Certbot will automatically configure NGINX to use HTTPS.

Step 6: Enable Automatic Renewal

Let’s Encrypt certificates expire after 90 days, so it’s important to set up automatic renewal. Certbot provides a systemd timer to take care of this for you. Enable the timer by running:

sudo systemctl enable certbot.timer

You can test the renewal process by running:

sudo certbot renew --dry-run

If there are no issues, the renewal process will be run automatically as scheduled.

That’s it! Your Node.js application is now deployed with NGINX as a reverse proxy and SSL encryption using Let’s Encrypt. You can access your application securely at https://example.com.