🚀 Setting Up Domain, NGINX, and SSL with Certbot for Docker-based Frappe (ERPNext)

✅ Prerequisites

• A server (e.g., Ubuntu 20.04+) with root access
• A Docker container running Frappe/ERPNext (set up via Portainer or Docker CLI)
• Your domain name (e.g., gdn-dev-new.extensionerp.com) pointing to the server’s public IP
• Ports 80 and 443 open in firewall/security groups

1. 🧳 SSH into the Server

ssh root@<your-server-ip>

2. 🐳 Identify Your Docker Container’s Port

Run:

docker ps

Note the host port mapped to the container's internal port 8000. For example:

0.0.0.0:8080->8000/tcp

Here, 8080 is the host port.

3. 🌐 Install and Configure NGINX

Install NGINX:

apt update
apt install nginx -y

Create a New NGINX Site Config:

nano /etc/nginx/sites-available/gdn-dev-new

Paste:

server {
    listen 80;
    server_name gdn-dev-new.extensionerp.com;

    location / {
        proxy_pass http://127.0.0.1:8080;  # Replace 8080 with your actual mapped port
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

Enable the Site and Test:

ln -s /etc/nginx/sites-available/gdn-dev-new /etc/nginx/sites-enabled/
nginx -t && systemctl reload nginx

4. 🔐 Install Certbot and Secure with HTTPS

Install Certbot:

apt install certbot python3-certbot-nginx -y

Issue SSL Certificate:

certbot --nginx -d gdn-dev-new.extensionerp.com

Follow the prompts: - Enter your email - Agree to terms - Choose option to redirect all HTTP to HTTPS

5. ✅ Verify the Setup

Visit:

https://gdn-dev-new.extensionerp.com

You should see your app securely running over HTTPS.

6. 🔁 (Optional) Test Auto-Renewal

Certbot installs auto-renew by default. Test it with:

certbot renew --dry-run

7. 🧹 (Optional) Clean Up Duplicate Server Blocks

If NGINX warns about conflicting server name, check:

grep -r "docusign.extensionerp.com" /etc/nginx/sites-*

Then remove duplicate entries.

✅ Summary