I am attempting to forward requests this way:
https://xxx.domain1.com -> http://localhost:3000
https://yyy.domain2.com -> http://localhost:3001
To make it easier to get nginx up and running, I'm using Docker. Here is my Docker Compose file:
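# Compose definition for the nginx reverse-proxy container.
version: '3.7'
services:
  proxy:
    # NOTE(review): "nginx:alpine" is a floating tag; pinning a specific
    # version or digest keeps the deployed proxy reproducible.
    image: nginx:alpine
    container_name: proxy
    # Publishes 443 and 80 on every host interface.
    ports:
      - '443:443'
      - '80:80'
    # Mounted read-only (:ro): nginx only has to read its configuration,
    # certificate and private key, so a compromised proxy process cannot
    # rewrite them on the host.
    volumes:
      - ./nginx.conf:/etc/nginx/nginx.conf:ro
      - ./.cert/cert.pem:/etc/nginx/.cert/cert.pem:ro
      - ./.cert/key.pem:/etc/nginx/.cert/key.pem:ro
    restart: 'unless-stopped'
    # On a bridge network the container has its own loopback interface, so
    # "localhost" inside the container is the container, not the Docker host.
    networks:
      - backend
networks:
  backend:
    driver: bridge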
And here is my nginx.conf:
# Plain-HTTP (port 80) virtual hosts. Each server block is selected by
# server_name and proxies every request to a port on the loopback address.
# NOTE(review): no top-level "events {}" block appears in this listing; nginx
# requires one in its main configuration file - presumably elided here.
http {
    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    # yyy.domain2.com -> service on port 3001.
    # NOTE(review): traffic on port 80 is proxied unencrypted; no redirect to
    # HTTPS is visible in this block.
    server {
        listen 80;
        server_name yyy.domain2.com;
        chunked_transfer_encoding on;
        location / {
            # "localhost" is resolved in the network namespace nginx runs in.
            # The page runs nginx in a container, where that is the
            # container's own loopback - confirm the intended target.
            proxy_pass http://localhost:3001/;
            # Forward the host name the client asked for.
            proxy_set_header Host $host;
            # Address of the directly connected peer.
            proxy_set_header X-Real-IP $remote_addr;
            # Appends the peer address to any X-Forwarded-For header the
            # client sent; earlier entries are client-controlled, so the
            # upstream should not treat them as authoritative.
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            # Scheme of the incoming request (http on this listener).
            proxy_set_header X-Forwarded-Proto $scheme;
        }
    }

    # xxx.domain1.com -> service on port 3000; same header handling as above.
    server {
        listen 80;
        server_name xxx.domain1.com;
        chunked_transfer_encoding on;
        location / {
            proxy_pass http://localhost:3000/;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
        }
    }
}
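# TCP-level (stream) routing for port 443, keyed on the TLS SNI host name.
stream {
    # Chooses an upstream name from the SNI value that ssl_preread extracts
    # from the ClientHello. There is no "default" entry, so a connection with
    # a missing or unlisted SNI leaves $name empty.
    map $ssl_preread_server_name $name {
        xxx.domain1.com backend;
        yyy.domain2.com frontend;
    }

    # "localhost" here is resolved in nginx's own network namespace.
    upstream backend {
        server localhost:3000;
    }

    upstream frontend {
        server localhost:3001;
    }

    server {
        # No "ssl" parameter on these listeners: with ssl_preread nginx only
        # inspects the ClientHello and relays the TLS stream unmodified, so
        # TLS is not terminated here.
        # NOTE(review): the upstreams therefore receive TLS bytes, while the
        # page describes them as plain-HTTP services - confirm which side is
        # meant to terminate TLS.
        listen 443;
        listen [::]:443;
        proxy_pass $name;
        ssl_preread on;

        # The ssl_* directives below only take effect on a listener declared
        # with "ssl"; they are kept so the settings are safe if TLS
        # termination is enabled on this server later.
        ssl_certificate ./.cert/cert.pem;
        ssl_certificate_key ./.cert/key.pem;
        # TLS 1.0 and 1.1 are deprecated; offer TLS 1.2 and 1.3 only.
        ssl_protocols TLSv1.2 TLSv1.3;
        ssl_prefer_server_ciphers on;
        # RC4 suites removed from the original list and excluded explicitly.
        ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH EDH+aRSA !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS";
    }
}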
I can access my services locally if I just open http://localhost:3000/test and http://localhost:3001/test, no problem.
But if I attempt to access https://xxx.domain1.com/test, it spins for a while and then fails with ERR_CONNECTION_TIMED_OUT.
What am I missing?
UPDATE: I tried setting up the nginx service with a host network, but same result so far. I tried:
# Attempt 1: bridge networking plus a hosts entry for the Docker host.
services:
  proxy:
    image: nginx:alpine
    # With the port mappings commented out, nothing in this fragment
    # publishes 443/80 on the host.
    # ports:
    # - '443:443'
    # - '80:80'
    ...
    # Adds a hosts-file entry mapping host.docker.internal to the host
    # gateway address. It only matters if the nginx configuration refers to
    # that name; "localhost" in nginx.conf still means the container itself.
    extra_hosts:
      - "host.docker.internal:host-gateway"
and
# Attempt 2: host networking.
services:
  proxy:
    image: nginx:alpine
    # NOTE(review): published ports are not applied in host network mode;
    # the container's listeners bind directly on the host's interfaces.
    ports:
      - '443:443'
      - '80:80'
    ...
    # Shares the host's network namespace: no network isolation between the
    # proxy and the host, and "localhost" inside the container is the host's
    # loopback.
    # NOTE(review): behaviour differs on Docker Desktop (macOS/Windows),
    # where the "host" is the Docker VM - confirm the platform in use.
    network_mode: "host"
But no luck...
I think I'm missing the part on how to tell nginx to forward the request to the host, instead of to localhost inside its own container.
But how to fix that?
Thanks,
Eduardo