Reverse Proxy Configuration

The Cawemo distribution includes a sample configuration for running Cawemo behind an automated NGINX reverse proxy for Docker with SSL support.

To use the reverse proxy in your production environment, please follow the steps below (assuming that you have already downloaded and configured Cawemo according to the general installation guide).

1. Extend the .env File

Add the following environment variables to the .env.production file and adjust the values according to your own setup.

Environment Variable Example Value Description
SERVER_TLS_CERTIFICATES_PATH /path/to/certificates Path of the server directory containing your SSL certificates

2. Provide SSL Certificates

You have to provide SSL certificates for the following host names:


The certificates and their corresponding private keys must be stored in the PEM file format and must all be placed in the directory configured in SERVER_TLS_CERTIFICATES_PATH.

The files should be named after a certain scheme:

  • Individual certificates should be named after the host name with a .crt and .key extension. For example, a value of should have a and file in the certificate directory.
  • Wildcard certificates should be named after the domain name with a .crt and .key extension. For example, a value of needs and files in the certificate directory.

For more detailed information on the reverse proxy’s SSL configuration options please refer to the official documentation.

3. Run Cawemo

To run Cawemo with the provided reverse proxy, execute the startup script with the additional argument --reverse-proxy:

./ --production --reverse-proxy

Point your web browser to the URL you specified in SERVER_URL to verify that the application is running.

On this Page: