---

4.3.1 TLS termination with Nginx ¶

Nginx is the recommended way to serve Telebugs over HTTPS when using your own TLS certificate. It acts as a reverse proxy, handling TLS termination and forwarding requests to the Telebugs app running in a Docker container. When prompted to enter your domain during the telebugs setup command, leave it empty and press Enter. This configures Telebugs to run on http://localhost:5555 without TLS, allowing Nginx to manage the certificate.

1. Install Nginx:

   apt-get update
   apt-get install nginx
   

2. Configure nginx. Create a configuration file at /etc/nginx/sites-available/telebugs

   server {
     listen 443 ssl;
     server_name <YOUR_DOMAIN>;
   
     ssl_certificate /path/to/your/fullchain.pem;
     ssl_certificate_key /path/to/your/privkey.pem;
   
     location / {
         proxy_pass http://localhost:5555; # Forward to Docker container
         proxy_set_header Host $host;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_set_header X-Forwarded-Proto $scheme;
     }
   }
   
   server {
     listen 80;
     server_name <YOUR_DOMAIN>;
     return 301 https://$host$request_uri; # Redirect HTTP to HTTPS
   }
   

3. Link the configuration file to the sites-enabled directory to activate it:

   ln -s /etc/nginx/sites-available/telebugs /etc/nginx/sites-enabled/
   

4. Test the configuration and restart Nginx:

   nginx -t
   systemctl restart nginx
   

Once completed, Nginx will handle your custom certificate and securely forward traffic to Telebugs on http://localhost:5555. This setup gives you the flexibility to use your preferred TLS certificates.