fix ports (#130)

* fix ports

* Add Nginx setup guide reference and update metadata

- Introduced a new entry for "self-hosting-nginx" in the metadata file.
- Added a reference to the Nginx setup guide in the "self-hosting-advanced" documentation for SSL certificate setup using Certbot.

docker-compose.yml

@@ -58,7 +58,7 @@ services:
       context: ./server
       dockerfile: Dockerfile
     ports:
-      - "${HOST_BACKEND_PORT:-127.0.0.1:3001}:3001"
+      - "${HOST_BACKEND_PORT}"
     environment:
       - NODE_ENV=production
       - CLICKHOUSE_HOST=http://clickhouse:8123
@@ -88,7 +88,7 @@ services:
       args:
         NEXT_PUBLIC_BACKEND_URL: ${BASE_URL}
     ports:
-      - "${HOST_CLIENT_PORT:-127.0.0.1:3002}:3002"
+      - "${HOST_CLIENT_PORT}"
     environment:
       - NODE_ENV=production
       - NEXT_PUBLIC_BACKEND_URL=${BASE_URL}

docs/src/content/_meta.js

@@ -13,6 +13,7 @@ export default {
   },
   "self-hosting": "",
   "self-hosting-advanced": "",
+  "self-hosting-nginx": "",
   _5: {
     type: "separator",
     title: "Settings",

docs/src/content/self-hosting-advanced.mdx

@@ -80,3 +80,5 @@ server {
     }
 }
 ```
+
+For a detailed step-by-step guide on setting up Nginx with SSL certificates using Certbot, see our [Nginx Setup Guide](/docs/self-hosting-nginx).

docs/src/content/self-hosting-nginx.mdx

@@ -0,0 +1,125 @@
+import { Callout } from 'nextra/components'
+
+# Custom Nginx Setup
+
+Rybbit comes with a built-in webserver (Caddy), but you can use your own web server by using the `--no-webserver` flag on the `setup.sh` script. This is an example of how to set up Nginx with SSL certificates using Certbot.
+
+## Prerequisites
+
+- A domain name pointing to your server
+- A Linux-based server (these instructions use apt-based systems like Ubuntu/Debian)
+- Rybbit installed with the `--no-webserver` flag
+
+## Installation
+
+First, install Nginx and Certbot:
+
+```bash
+# Update package lists
+sudo apt update
+
+# Install Nginx
+sudo apt install nginx
+
+# Install Certbot and the Nginx plugin
+sudo apt install certbot python3-certbot-nginx
+```
+
+## Configure Nginx
+
+Create a new Nginx server configuration file:
+
+```bash
+sudo nano /etc/nginx/sites-available/rybbit
+```
+
+Add the following configuration (replace `your.domain.name` with your actual domain):
+
+```nginx
+server {
+    listen 80;
+    server_name your.domain.name;
+
+    # We'll start with a basic HTTP configuration
+    # Certbot will modify this file later to add HTTPS
+
+    location / {
+        proxy_pass http://localhost:3002;  # Client port
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+    location /api/ {
+        proxy_pass http://localhost:3001/;  # Backend port
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+}
+```
+
+<Callout type="warning">
+  Note the trailing slash in the proxy_pass for the API location. This is important to correctly strip the `/api/` prefix when forwarding requests to the backend service.
+</Callout>
+
+Enable the site by creating a symbolic link and test the configuration:
+
+```bash
+# Enable the site
+sudo ln -s /etc/nginx/sites-available/rybbit /etc/nginx/sites-enabled/
+
+# Test the configuration
+sudo nginx -t
+
+# If the test is successful, restart Nginx
+sudo systemctl restart nginx
+```
+
+## Set Up SSL with Certbot
+
+Certbot can automatically configure Nginx to use HTTPS:
+
+```bash
+sudo certbot --nginx -d your.domain.name
+```
+Certbot will automatically modify your Nginx configuration to include SSL certificate settings and HTTPS server blocks.
+
+
+## Certificate Renewal
+
+Certbot creates a systemd timer that automatically renews certificates before they expire. You can verify it's active with:
+
+```bash
+sudo systemctl status certbot.timer
+```
+
+You can also test the renewal process (without actually renewing) using:
+
+```bash
+sudo certbot renew --dry-run
+```
+
+## Troubleshooting
+
+If you encounter issues:
+
+1. Check Nginx error logs:
+   ```bash
+   sudo tail -f /var/log/nginx/error.log
+   ```
+
+2. Verify that the Docker containers are running and exposing the correct ports:
+   ```bash
+   docker ps
+   ```
+
+3. Test connectivity to the backend and client services:
+   ```bash
+   curl -v http://localhost:3001
+   curl -v http://localhost:3002
+   ```
+
+4. If the Certbot automatic configuration fails, you can manually add SSL configuration to your Nginx server block.

setup.sh

@@ -94,12 +94,13 @@ echo "Creating .env file..."
 # Update port mappings based on webserver choice
 if [ "$USE_WEBSERVER" = "false" ]; then
   # When not using the built-in webserver, expose ports to all interfaces
-  HOST_BACKEND_PORT="${BACKEND_PORT}:3001"
+  # Using quotes to ensure the string is passed as-is to Docker Compose
-  HOST_CLIENT_PORT="${CLIENT_PORT}:3002"
+  HOST_BACKEND_PORT="\"${BACKEND_PORT}:3001\""
+  HOST_CLIENT_PORT="\"${CLIENT_PORT}:3002\""
 else
   # Keep ports only accessible via localhost when using Caddy
-  HOST_BACKEND_PORT="127.0.0.1:${BACKEND_PORT}:3001"
+  HOST_BACKEND_PORT="\"127.0.0.1:${BACKEND_PORT}:3001\""
-  HOST_CLIENT_PORT="127.0.0.1:${CLIENT_PORT}:3002"
+  HOST_CLIENT_PORT="\"127.0.0.1:${CLIENT_PORT}:3002\""
 fi
 
 cat > .env << EOL