localhost.conf

server {
    listen 443 ssl; # enable HTTPS
    server_name localhost;

    ssl_certificate /home/n6ls0n/blog/ssl-certs/ssl.crt; # path to your SSL certificate
    ssl_certificate_key /home/n6ls0n/blog/ssl-certs/ssl.key; # path to your SSL private key

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    # ssl_dhparam /path/to/your/dhparam.pem; # optional, but recommended for better security
    ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384';

    allow all; # add this line to allow access to localhost

    location / {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }
}

server {
    listen 80; # redirect HTTP to HTTPS
    server_name localhost;
    return 301 https://$host$request_uri;
}

# This file should be placed inside /etc/nginx/conf.d/