Skip to main content
warning

This tutorial is a community contribution and is not supported by the OpenWebUI team. It serves only as a demonstration on how to customize OpenWebUI for your specific use case. Want to contribute? Check out the contributing tutorial.

HTTPS using Nginx

Ensuring secure communication between your users and the Open WebUI is paramount. HTTPS (HyperText Transfer Protocol Secure) encrypts the data transmitted, protecting it from eavesdroppers and tampering. By configuring Nginx as a reverse proxy, you can seamlessly add HTTPS to your Open WebUI deployment, enhancing both security and trustworthiness.

This guide provides two methods to set up HTTPS:

  • Self-Signed Certificates: Ideal for development and internal use.
  • Let's Encrypt: Perfect for production environments requiring trusted SSL certificates.

Choose the method that best fits your deployment needs.

Self-Signed Certificate

Using self-signed certificates is suitable for development or internal use where trust is not a critical concern.

Steps

  1. Create Directories for Nginx Files:

    mkdir -p conf.d ssl
  2. Create Nginx Configuration File:

    conf.d/open-webui.conf:

    server {
    listen 443 ssl;
    server_name your_domain_or_IP;

    ssl_certificate /etc/nginx/ssl/nginx.crt;
    ssl_certificate_key /etc/nginx/ssl/nginx.key;
    ssl_protocols TLSv1.2 TLSv1.3;

    location / {
    proxy_pass http://host.docker.internal:3000;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    }
    }
  3. Generate Self-Signed SSL Certificates:

    openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
    -keyout ssl/nginx.key \
    -out ssl/nginx.crt \
    -subj "/CN=your_domain_or_IP"
  4. Update Docker Compose Configuration:

    Add the Nginx service to your docker-compose.yml:

    services:
    nginx:
    image: nginx:alpine
    ports:
    - "443:443"
    volumes:
    - ./conf.d:/etc/nginx/conf.d
    - ./ssl:/etc/nginx/ssl
    depends_on:
    - open-webui
  5. Start Nginx Service:

    docker compose up -d nginx

Access the WebUI

Access Open WebUI via HTTPS at:

https://your_domain_or_IP


Next Steps

After setting up HTTPS, access Open WebUI securely at:

Ensure that your DNS records are correctly configured if you're using a domain name. For production environments, it's recommended to use Let's Encrypt for trusted SSL certificates.