What is the simplest thing that could possibly work?
A reverse proxy. Nginx is simpler than iptables (for me anyways). Nginx also offers "ssl termination".
sudo apt install nginxsudo service nginx start# Verify it's workingcurl http://localhost# make certssudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/cert.key -out /etc/nginx/cert.crtsudo nano /etc/nginx/conf.d/devserver.conf add this content
server { listen 80; return 301 https://$host$request_uri;}server { listen 443; server_name www.example.com; ssl_certificate /etc/nginx/cert.crt; ssl_certificate_key /etc/nginx/cert.key; ssl on; location / { proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_pass http://localhost:8080; }}The restart the server:
sudo service nginx restartConfigure DNS: A record for www.example.com -> 127.0.0.1
# Test it out:curl --insecure --verbose https://www.example.com