amazon web services - AWS EB with Docker, Node and Nginx Config Issues


On AWS, I have configured Elastic Beanstalk to deploy multiple EC2 instances running a dockerized Node app behind an Elastic Load Balancer. In addition, I have AWS Certificate Manager working and loading the site on HTTPS via SSL. Here is what I am trying to accomplish:

  1. Automatically redirect non-www to www.domain.com
  2. Automatically redirect HTTP to HTTPS

I am trying to use nginx to accomplish this, and I want the process automated so that when new instances are spun up via scaling rules, it includes the configuration automatically.

After some research, I found that people are accomplishing this via a .ebextensions/nginx.config file in the project root.

Here is my nginx override config file:

    files:
      /etc/nginx/sites-available/elasticbeanstalk-nginx-docker-proxy.conf:
        mode: "000644"
        owner: root
        group: root
        content: |
          map $http_upgrade $connection_upgrade {
              default        "upgrade";
              ""            "";
          }

          server {
              listen 80;
              return 301 https://www.$host$request_uri;
          }

          server {
              listen 443 ssl;

              gzip on;
              gzip_comp_level 4;
              gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;

              if ($time_iso8601 ~ "^(\d{4})-(\d{2})-(\d{2})T(\d{2})") {
                  set $year $1;
                  set $month $2;
                  set $day $3;
                  set $hour $4;
              }
              access_log /var/log/nginx/healthd/application.log.$year-$month-$day-$hour healthd;

              access_log    /var/log/nginx/access.log;

              location / {
                  proxy_pass            http://docker;
                  proxy_http_version    1.1;

                  proxy_set_header    connection            $connection_upgrade;
                  proxy_set_header    upgrade                $http_upgrade;
                  proxy_set_header    host                $host;
                  proxy_set_header    x-real-ip            $remote_addr;
                  proxy_set_header    x-forwarded-for        $proxy_add_x_forwarded_for;
              }
          }

The Node app is running in a Docker container on port 3000, and that port is exposed.

Four questions:

  1. Is this the right way to do this on AWS?
  2. Is my nginx config file correct (to redirect to www and HTTPS)?
  3. Do I need an SSL certificate here in the nginx config? I have one at the domain level using AWS Certificate Manager.
  4. Will the redirect screw up health checks and kill auto deployments?

Of course, the biggest issue is that I cannot get AWS to accept this configuration. What am I doing wrong?

I think there is an easier way using AWS built-in functionality that will simplify your nginx config considerably.

Certificates

With AWS Certificate Manager, you load the cert onto the ELB as part of its configuration, and not onto the EC2 instances.

ACM SSL Certificates for Elastic Load Balancers


Redirecting Apex Domain / SSL

For redirection, use an alias redirect in Route 53 from www to the ELB in DNS. ELBs contain redirecting HTTP to HTTPS in their configuration. Note that http(s)://yourdomain.com (no www or subdomain) is called the apex domain, and it has restrictions. Using an alias to an ELB is the supported method of redirection in AWS.

Q. Can I point my zone apex (example.com versus www.example.com) at my Elastic Load Balancer?

Yes. Amazon Route 53 offers a special type of record called an ‘Alias’ record that lets you map your zone apex (example.com) DNS name to your ELB DNS name (i.e. elb1234.elb.amazonaws.com). IP addresses associated with Amazon Elastic Load Balancers can change at any time due to scaling up, scaling down, or software updates. Route 53 responds to each request for an Alias record with one or more IP addresses for the load balancer. Queries to Alias records that are mapped to ELB load balancers are free. These queries are listed as “Intra-AWS-DNS-Queries” on the Amazon Route 53 usage report.

Amazon Route 53 FAQs
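
An instance-side nginx configuration for the setup the answer describes (certificate on the ELB, not on the EC2 instances), as an added example that is not part of the question or the answer. It assumes the ELB forwards both its HTTP and HTTPS listeners to instance port 80 and sets X-Forwarded-Proto on client traffic, uses example.com as a placeholder domain, and reuses the `docker` upstream from the question's config.

```nginx
# Added example, not from the original post. Assumptions: TLS terminates on
# the ELB (ACM certificate), both ELB listeners forward to instance port 80,
# example.com is a placeholder domain, and the "docker" upstream is defined
# by the platform as in the question's config.

map $http_upgrade $connection_upgrade {
    default "upgrade";
    ""      "";
}

# Decide per request whether to redirect to https://www.example.com.
# The ELB sets X-Forwarded-Proto on client requests; its own health checks
# reach the instance without that header, so they match "default" and are
# answered by the app instead of receiving a 301.
map "$http_x_forwarded_proto:$host" $redirect_to_canonical {
    default               0;
    "~^http:"             1;   # client connected to the ELB over plain HTTP
    "https:example.com"   1;   # HTTPS, but on the apex host instead of www
}

server {
    listen 80;   # no "listen 443 ssl" here: the certificate lives on the ELB

    # A fixed host name is used instead of www.$host, which would yield
    # www.www.example.com for requests that already arrive on the www host.
    if ($redirect_to_canonical) {
        return 301 https://www.example.com$request_uri;
    }

    location / {
        proxy_pass          http://docker;
        proxy_http_version  1.1;

        proxy_set_header    Connection        $connection_upgrade;
        proxy_set_header    Upgrade           $http_upgrade;
        proxy_set_header    Host              $host;
        proxy_set_header    X-Real-IP         $remote_addr;
        proxy_set_header    X-Forwarded-For   $proxy_add_x_forwarded_for;
    }
}
```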

