Building a secure and scalable API is essential for modern web applications. In this article, we explore a real-world example of creating a robust NestJS API using Docker and Nginx. This setup ensures that your API is not only efficient but also secure and easy to deploy across different environments.

Prerequisites

  • Basic knowledge of NestJS framework
  • Familiarity with Docker and Docker Compose
  • Understanding of Nginx server configuration
  • Node.js and npm installed on your machine

Setting Up the NestJS Application

Create a new NestJS project using the CLI:

nest new my-api

Navigate into the project directory:

cd my-api

Implement your API endpoints and security measures, such as JWT authentication, within the NestJS project.

Dockerizing the Application

Create a Dockerfile in the root of your project:

FROM node:14-alpine

WORKDIR /app

COPY package*.json ./
RUN npm install

COPY . .

RUN npm run build

EXPOSE 3000

CMD ["node", "dist/main"]

Build the Docker image:

docker build -t my-nestjs-api .

Run the container:

docker run -d -p 3000:3000 --name nestjs-api my-nestjs-api

Configuring Nginx as a Reverse Proxy

Create an nginx.conf file:

server {
    listen 80;
    server_name yourdomain.com;

    location / {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }
}

Start Nginx with this configuration:

nginx -c /path/to/nginx.conf

Securing the API

Implement SSL/TLS to encrypt data in transit. You can use Let's Encrypt to obtain free certificates:

https://certbot.eff.org/

Configure Nginx to serve HTTPS by updating your nginx.conf with SSL settings:

server {
    listen 443 ssl;
    server_name yourdomain.com;

    ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem;

    location / {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }
}

Scaling and Deployment

Use Docker Compose to orchestrate multi-container deployments and manage scaling:

version: '3'
services:
  api:
    build: .
    ports:
      - "3000:3000"
    restart: always
  nginx:
    image: nginx:latest
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./nginx.conf:/etc/nginx/conf.d/default.conf
      - /etc/letsencrypt:/etc/letsencrypt
    depends_on:
      - api

Deploy your application on cloud providers or on-premises servers, and adjust your scaling policies as needed.

Conclusion

Combining NestJS with Docker and Nginx provides a powerful foundation for building secure, scalable APIs. Automating deployment and ensuring security through SSL/TLS are crucial steps in delivering reliable web services. This example serves as a guide to help you implement similar architectures in your projects.