I have two Docker containers, spring boot and Angular.

Also, I have Nginx installed in Ubuntu.

I have this conf file Nginx to redirect the Angular application with HTTPS

  server {
root /var/www/html;
        server_name dev.xxxxx.io www.dev.xxxxx.io;
        location / {
            proxy_pass         http://127.0.0.1:8080;  # Angular container port
        
        proxy_redirect     off;
            proxy_set_header   Host $host;
            proxy_set_header   X-Real-IP $remote_addr;
            proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header   X-Forwarded-Host $server_name;
            proxy_set_header   X-Forwarded-Proto $scheme;
        }

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/dev.xxxxx.io/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/dev.xxxxx.io/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


}
server {
    if ($host = www.dev.xxxxx.io) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = dev.xxxxx.io) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


        listen 80; 
        listen [::]:80;
        server_name dev.xxxx.io www.dev.xxxxx.io;
    return 404; # managed by Certbot

My angular container run with port 8080:80 ( the docker file are simple ) And Springboot container run with port 8181:8181 when I change the Environment file in Angular with https://xx.xx.xx.xx:8181 I have an error because the backend (Springboot ) is not configured like Https.

CodePudding user response：

When going to port 8181, you are pointing directly to your Spring Boot container which is obviously not running with HTTPS on port 8181.

I guess that you would want to point to your NGINX to handle SSL termination so you would need to set up another proxy that redirects to your App. If not, you can add SSL to the Spring Boot app but wouldn't be able to refresh certificates with Certbot (that it seems you are using since I can see comments about it in nginx.conf file

You can either have a different path or a different port to do that.

root /var/www/html;
    server_name dev.xxxxx.io www.dev.xxxxx.io;
    location / {
        proxy_pass         http://127.0.0.1:8080;  # Angular container port
    
        proxy_redirect     off;
        proxy_set_header   Host $host;
        proxy_set_header   X-Real-IP $remote_addr;
        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header   X-Forwarded-Host $server_name;
        proxy_set_header   X-Forwarded-Proto $scheme;
    }

    ### Addition start ###
    location /api {
        proxy_pass         http://127.0.0.1:8181/api;  # Spring container port and path (add context path to Spring boot as well)
    
        proxy_redirect     off;
        proxy_set_header   Host $host;
        proxy_set_header   X-Real-IP $remote_addr;
        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header   X-Forwarded-Host $server_name;
        proxy_set_header   X-Forwarded-Proto $scheme;
    }
    ### Addition end ###

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/dev.xxxxx.io/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/dev.xxxxx.io/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

Then change the Angular app to call https://dev.xxxxx.io/api

To add context path, add server.servlet.context-path=/api to application.properties (or yaml)

P.S: I am not 100% sure you need to change the context path but I seem to recall issues if you do not.