How I directed myapexapp.com ๐Ÿ”€ to my Oracle APEX application.

The โšฝ goal here is to direct a domain, in this case myapexapp.com to my Oracle APEX demo application. These are my notes.

๐Ÿ’ก

Dimitri Gieles has a series of articles which walk you (and I) through the process. You will want to specifically look at 6, 7, and 17.

There were points of โคต๏ธ deviation/issues which I mention below.

1๏ธโƒฃ After getting nginx running on port 80 and serving HTTP traffic I used these instructions from certbot.org to install my SSL certificate. I still need to automate certificate renewal (I don't think this is automatically setup, but have not checked). I ran a dry-run renewal from the command line and it worked fine.

  • Note: The second time I tried this I had to use โ€”skip-broken when running sudo yum update. Perhaps it was because I started here as my first step. Anyway, this is why we keep notes ๐Ÿ€.

2๏ธโƒฃ In order to do above I needed to install snapd. I used the RedHat Enterprise Linux instructions although I was running Oracle Linux. There was a command which was optional using subscription-manager which generated an error because the command was not found. I ignored and moved on and had no issues. I also had to manually start the snapd daemon to get things working after it was installed.

3๏ธโƒฃ After opening the firewall ports on my VM instructions have you open the same ports on the network your VM is running in. This was already done in my case. Probably because I have done this work before and I am using the default network for my account.

4๏ธโƒฃ I have included my working Nginx configuration file (myapexapp.com.conf) below with a couple notes. I had to fiddle around with the position of some items in order to get the results I wanted. There are still some issues I am not happy with but it is working and I will figure out those annoyances later.

server {
    server_name    myapexapp.com www.myapexapp.com;
    root           /usr/share/nginx/html/myapexapp.com;
    index          index.html;
    try_files $uri /index.html;

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/myapexapp.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/myapexapp.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

   location /ords/ {
    proxy_pass https://ny94ohpcjq4wdqy-atpfreeblue.adb.us-phoenix-1.oraclecloudapps.com/ords/;
    proxy_set_header Origin "" ;
    proxy_set_header X-Forwarded-Host $host:$server_port;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_connect_timeout       600;
    proxy_send_timeout          600;
    proxy_read_timeout          600;
    send_timeout                600;
   }

   location /i/ {
    proxy_pass https://ny94ohpcjq4wdqy-atpfreeblue.adb.us-phoenix-1.oraclecloudapps.com/i/;
    proxy_set_header X-Forwarded-Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
   }
   
   # There is a minor modification here from Dimitri's entry. Also the location may matter (not sure) but everything seemed to start working correctly when I moved this to the bottom of this server block. 
   location / {
    rewrite ^/$ /ords/f?p=108 permanent;
   }

}

server {
    # The order of these next two blocks seemed to matter but it could just have been browser caching issues. Once I put this one first both started working correctly.
    if ($host = myapexapp.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    if ($host = www.myapexapp.com) {
       return 301 https://$host$request_uri;
    } # managed by Certbot

    listen         80;
    listen         [::]:80;
    server_name    myapexapp.com www.myapexapp.com;
    return 404; # managed by Certbot
}
myapexapp.com.conf

๐ŸŽ Let's wrap things up here.

In the future I will take a look at Peter Raganitsch's article. In this case you run ORDS on your VM which appears to be the "correct" way to do this but you have some management overhead which in some cases I am going to want to avoid.

Digital Ocean has a good article if you want to get a better understanding on the blocks in your Nginx configuration file. I should read it sometime ๐Ÿ˜‚.