Nginx Configuration

To securely expose the Evolution API on the web, you can configure Nginx as a reverse proxy.

Installing Nginx

Install, start, and enable Nginx:
apt-get install -y nginx
systemctl start nginx
systemctl enable nginx
systemctl status nginx
If the message “Active: active (running)” appears, Nginx is working correctly.

Nginx Configuration

Remove the default Nginx configuration:
rm /etc/nginx/sites-enabled/default
Create a new configuration file:
nano /etc/nginx/conf.d/default.conf
Add the following configuration:
server {
  listen 80;
  listen [::]:80;
  server_name _;

  location / {
    proxy_pass http://127.0.0.1:8080;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection 'upgrade';
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_cache_bypass $http_upgrade;
  }

  location ~* \.(jpg|jpeg|gif|png|webp|svg|woff|woff2|ttf|css|js|ico|xml)$ {
    expires 360d;
  }

  location ~ /\.ht {
    deny all;
  }
}
Reload Nginx to apply the changes:
systemctl reload nginx
If necessary, make the nginx user the owner of the web directory:
chown www-data:www-data /usr/share/nginx/html -R
To configure a Virtual Host, create a configuration file:
nano /etc/nginx/sites-available/api
Add the following configuration:
server {
  server_name replace-this-with-your-cool-domain.com;

  location / {
    proxy_pass http://127.0.0.1:8080;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection 'upgrade';
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_cache_bypass $http_upgrade;
  }
}
Create a symbolic link to enable the configuration:
ln -s /etc/nginx/sites-available/api /etc/nginx/sites-enabled
nginx -t
Reload Nginx:
systemctl reload nginx

Install Certbot for SSL Certificate

To secure your Evolution API with SSL, install Certbot:
snap install --classic certbot

Configure SSL with Certbot

To configure SSL, use the command:
certbot --nginx -d replace-this-with-your-cool-domain.com
If the process is successful, you will see the message “Congratulations! You have successfully enabled HTTPS”.