nginx-config

server {                                                              
  server_name your_domain_name; 
                                                              
 # root /var/www/html;                                   
 # index index.html index.htm index.nginx-debian.html;                                                          
 
 # GRAFANA
 location / {
   proxy_pass http://localhost:3000/;                           
}                                                            

 # API Gateway
 location /hive/api/ {
   proxy_pass http://localhost:5000/api/; 
}

 # SEQ
 location /seq/ {
   proxy_pass http://localhost:5341/;
}

 # VAULT
 location /vault/ {
   proxy_pass http://localhost:8200/;

   proxy_set_header Host $host;
   proxy_set_header X-Real-IP $remote_addr;
   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
   proxy_set_header Accept-Encoding ""; # needed for sub_filter to work with gzip enabled (https://stackoverflow.com/a/36274259/3375325)

   proxy_redirect /ui/ /vault/ui/;

   sub_filter '<head>' '<head><base href="/vault/">';
   sub_filter '"/ui/' '"ui/';
   sub_filter_once off;
 }

location /v1 {
    proxy_pass http://localhost:8200;
}

 # IDENTITY SERVICE
 location /identity/ {
   proxy_pass  http://localhost:5999/;
   proxy_http_version 1.1;
   proxy_set_header Upgrade $http_upgrade;
   proxy_set_header Connection keep-alive;
   proxy_set_header Host $host;
   proxy_set_header X-Real-IP $remote_addr;
   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
   proxy_set_header X-Forwarded-Proto $scheme;
   proxy_cache_bypass $http_upgrade;
}


    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/your_domain_name/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/your_domain_name/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
    if ($host = your_domain_name) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

                                                        
  listen 80 default_server;
  listen [::]:80 default_server;
                                                              
  server_name your_domain_name;
    return 404; # managed by Certbot

}