I’ve mentioned using NGINX as an interface between the internet and a service a while ago. This works by all incoming traffic coming to NGINX, and NGINX determining which service that traffic should go (from the NGINX config files) then acting as a middleman. This functionality is generally referred to as a ‘reverse proxy’.

This is nice for a few reasons:

• We can have a single point of entry to the services, easier to lock down and secure, with access centrally logged
• The services can be running on all sorts of odd addresses and ports (for example 192.168.101.23:4002) but they can be addressed with sensible names by the user (such as todo.example.com)
• We can add basic auth to any services that need it.

All this stuff is managed through the NGINX config files. Perhaps one might look like this: