How would you enable HTTPS on a default nextjs app, Linux

Question

When I run 'next start' on my Linux server, nextjs only seems to host on HTTP. I've installed let's encrypt but can't seem to find a way to link the certificate with the default next js server. However, I've seen that there is a solution that involves creating a server.js file to manually start up your next server but using that also inhibits nextjs's ability to use features such as server-side rendering and serverless functions. I find it hard to believe there isn't a way around this due to the mainstream use of nextjs?

If anyone has found a way around this or has any information, please share.

Answer 1

You need to set up nginx to route your domain to your Nextjs port. Check which port your nextjs is running. Example port 3000 is the default.

On your server, install nginx as normal. Many tutorials on the web. Once installed:

cd /etc/nginx/sites-available

nano example.com

Copy/Paste nginx setup from below

# *q is our domain, replace port 3000 with your port number
server {
  listen 80;
  listen [::]:80;

  root /var/www/html;
  index index.html index.htm index.nginx-debian.html;

  server_name example.com www.example.com;

location / {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
}
  
  # for letsencrypt
  location ~ /.well-known {
    allow all;
  }
}

sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/example.com

nginx -t

service nginx restart

Make sure your Nextjs is running.

Install Letsencrypt as normal. Many tutorials on the web.

sudo apt update && sudo apt install certbot python3-certbot-nginx

certbot --nginx -d example.com -d www.example.com

certbot certonly --standalone --preferred-challenges http -d example.com

certbot renew --dry-run