Nginx as a Reverse Proxy and Load Balancer

Real-world Nginx configurations for routing traffic to backend and frontend containers, including TLS, health checks, and graceful reloads.

Why Nginx?

Nginx is the workhorse at the edge of most production stacks — fast, predictable, and battle-tested. We use it for three jobs: TLS termination, reverse proxying to backend services, and load balancing across replicas.

A minimal upstream

upstream backend {
    server backend:3000;
    keepalive 32;
}

That is the entire load balancer. Docker Compose's built-in DNS resolves backend to every replica, and Nginx round-robins across them.

What you actually need to configure

TLS with strong defaults (Mozilla intermediate at minimum)
Proper proxy_set_header lines so the backend sees the real client IP
A reasonable client_max_body_size for file uploads
Rate limiting on auth endpoints

That is it. Resist the urge to add more.