I ran into issues setting this up. Here is my modified nginx.conf file that worked. Note I haven’t dialed in letsencrypt but you may be best doing dns auth when requesting the cert.
events {}
http {
sendfile off;
keepalive_timeout 65;
upstream socket_nodes {
ip_hash;
# IP Address of Host running Trudesk
server local xxx.xxx.xxx.xxx:8118;
}
server {
listen 80;
return 301 https://$host$request_uri;
}
server {
listen 443;
server_name yourdomain.com;
#ssl configuration
ssl_certificate /etc/lyourSSLDir/fullchain.pem;
ssl_certificate_key /yourSSLDir/privkey.pem;
ssl on;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;
location ~ ^/(uploads/) {
root /usr/src/trudesk/public;
access_log off;
expires modified +1h;
}
location / {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
# proxy_cache one; <-- I had to comment this out or the service wouldnt start
proxy_cache_key trudesk$request_uri$scheme;
proxy_pass http://socket_nodes;
proxy_redirect http://socket_nodes https://socket_nodes;
}
# redirect server error pages to the static page /50x.html
# in the even that the trudesk instance is down, these pages will serve.
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}