Nginx configuration for Listmonk running on Docker port 9000 using SSL certificates provided by Bitnami on AWS Lightsail

mail.example.com.conf

# This file goes in /opt/bitnami/nginx/conf/server_blocks as mail.example.com.conf (make sure to replace the filename with your actual subdomain)
# This Nginx config file assumes we're runing a Bitnami image (thus the non-standard /opt/bitnami paths)
# FULL TUTORIAL to set up Listmonk on AWS Lightsail here: https://rameerez.com/free-mailchimp-alternative-email-marketing-service#listmonk-tutorial

server {
    listen 443 ssl;
    server_name mail.example.com;
    server_tokens off;

    ssl_certificate /opt/bitnami/letsencrypt/certificates/mail.example.com.crt;
    ssl_certificate_key /opt/bitnami/letsencrypt/certificates/mail.example.com.key;

    location / {
        proxy_pass http://localhost:9000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
}

server {
    listen 80;
    server_name mail.example.com;
    return 301 https://$server_name$request_uri;
}

Part of a tutorial to set up Listmonk on AWS Lightsail.

Thanks for sharing!

I had to make this modification so that future crontab calls to renew the certificate would work by allowing http access to the .well-known folder:

server {    
    listen 80;    
    server_name your.example.com;

    location ^~ /.well-known/acme-challenge/ {
        alias /opt/bitnami/apps/letsencrypt/.well-known/acme-challenge/;    
    }

    return 301 https://$server_name$request_uri;
}