Disable ssl in nginx to allow multi hosting at the vps level

Maypher · Maypher · commit 48248a18179a · 2025-07-09T22:16:50.000-04:00
diff --git a/README.md b/README.md
@@ -45,5 +45,4 @@ This site is deploy to a docker compose setup and can be run in any VPS. There a
 
 ## Notes
 
-1. Nginx is one of the services in the docker compose setup and is used as a reverse proxy for nextjs using an encrypted connection. If running in development mode the files `./nginx/fullchain.pem` and `./nginx/privkey.pem` should exist. They can be a self signed certificate. For deployment they should live at `/etc/letsencrypt/live/${DOMAIN}`
-2. Payload CMS has the ability to hot reload database changes without having to migrate. In some cases where it can't determine on its own what to do it will prompt the user. Since the promps aren't answerable through docker, in this case the nextjs server should be run locally with `npm run dev` with the environemnt variable `DATABASE_URI="postgres://postgres:<password>@localhost:5432/postgres"` set. This should be the only reason to run the server locally, everything else should be done through docker dev mode.
+Payload CMS has the ability to hot reload database changes without having to migrate. In some cases where it can't determine on its own what to do it will prompt the user. Since the promps aren't answerable through docker, in this case the nextjs server should be run locally with `npm run dev` with the environemnt variable `DATABASE_URI="postgres://postgres:<password>@localhost:5432/postgres"` set. This and `npm run payload migrate:create` should be the only reasons to run the server locally, everything else should be done through docker dev mode.
diff --git a/docker-compose.dev.yml b/docker-compose.dev.yml
@@ -27,7 +27,3 @@ services:
         - action: rebuild
           path: ./nginx/templates
           target: /etc/nginx/templates/
-    volumes: !override
-      - type: bind
-        source: ./nginx/certificates/
-        target: /certificates/nginx/
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -7,6 +7,7 @@ services:
       - images:/app/media
     environment:
       - NEXT_PUBLIC_PAYLOAD_URL=https://${DOMAIN:?Website domain required}
+      - DOMAIN=${DOMAIN?Website domain required}
       - SMTP_HOST=${SMTP_HOST:?SMTP_HOST required for email functionality}
       - EMAIL_USER=${EMAIL_USER:?EMAIL_USER required for email functionality}
     depends_on:
@@ -34,15 +35,9 @@ services:
     depends_on:
       - payload
     ports:
-      - 443:443
-      - 80:80
+      -  127.0.0.1:1000:443
     environment:
       - NGINX_HOST=${DOMAIN:?Website domain required}
-    volumes:
-      - type: bind
-        source:  /etc/letsencrypt/
-        target:  /etc/letsencrypt/
-        read_only: true
 volumes:
   pgdata:
   images:
diff --git a/next.config.mjs b/next.config.mjs
@@ -13,7 +13,7 @@ const nextConfig = {
   output: 'standalone',
   experimental: {
     serverActions: {
-      allowedOrigins: ['payload:3000', 'localhost'],
+      allowedOrigins: ['payload:3000', 'localhost', process.env.DOMAIN],
     },
   },
 }
diff --git a/nginx/templates/servers.conf.template b/nginx/templates/servers.conf.template
@@ -1,8 +1,6 @@
 server {
-    listen 443 ssl;
+    listen 443;
     server_name ${NGINX_HOST};
-    ssl_certificate /etc/letsencrypt/live/${NGINX_HOST}/fullchain.pem;
-    ssl_certificate_key /etc/letsencrypt/live/${NGINX_HOST}/privkey.pem;
 
     location / {
         proxy_pass http://payload:3000;

Original file line number	Diff line number	Diff line change
`@@ -13,7 +13,7 @@ const nextConfig = {`
`13`	`13`	`output: 'standalone',`
`14`	`14`	`experimental: {`
`15`	`15`	`serverActions: {`
`16`		`- allowedOrigins: ['payload:3000', 'localhost'],`
	`16`	`+ allowedOrigins: ['payload:3000', 'localhost', process.env.DOMAIN],`
`17`	`17`	`},`
`18`	`18`	`},`
`19`	`19`	`}`