Skip to content

VibroBox/nginx-proxy

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits
certs
certs
 
 
conf.d
conf.d
 
 
dhparam
dhparam
 
 
htpasswd
htpasswd
 
 
vhost.d
vhost.d
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
docker-compose.yml
docker-compose.yml
 
 
nginx.tmpl
nginx.tmpl
 
 

Repository files navigation

Nginx Proxy docker-compose config

This project was developed as part of my work with VibroBox.

If you are looking for a ready-made solution for combining jwilder/nginx-proxy with nginx, which supports brotli compression module and automatically management of Let's Encrypt certificates, so you are in the right place. In this repository, you can find the ready-made docker-compose configuration, which combines the following containers:

Successfully tested in both production and local dev environments.

Installing

It is worthwhile to understand that the configuration is performed once and works within the whole server.

At first, you should create a network:

docker network create nginx-proxy

Then you should clone this repository in any convenient place and go to its folder:

git clone [email protected]:erickskrauch/docker-compose-nginx-proxy.git nginx-proxy
cd nginx-proxy

After just run the containers:

docker-compose up -d

At this stage the setting is completed. The images will be downloaded and containers will be launched. In the case that the server restarting, the containers will automatically start with the Docker Engine.

Configuring projects

The information below is largely identical to the individual manuals for using these images and can be studied in more details in the documentation for the respective repositories.

docker-gen automatically picks up only those containers that have the environment variable VIRTUAL_HOST. If you don't do this, docker-gen will not generate the configuration and nothing will work. In addition, the container must expose at least one port (nginx and apache official images expose 80 and 443 ports by default).

In addition, you need to make sure that the container that should be proxied is available in the network nginx-proxy, which we have created a bit earlier.

Below there is an example of the docker-compose.yml configuration for the project that should be proxied under the name example.com:

version: '2'
services:
  web:
    from: nginx
    environment:
      - VIRTUAL_HOST=example.com
    networks:
      - nginx-proxy

# This is how we connect the internal network of the container with the global one, which we created earlier
networks:
  nginx-proxy:
    external:
      name: nginx-proxy

SSL certificates

The required volumes have been already written in the compose file of this repository. Following the instructions on the link above, certificates must be placed in the folder certs.

Let's Encrypt

It is also possible to automatically create and further auto-update Let's Encrypt certificates. To enable this function, it is necessary to specify two additional parameters in the environment variables of the container along with VIRTUAL_HOST:

  • LETSENCRYPT_HOST - specifies the name of the host to which the certificate is issued. In most cases it should be equal to VIRTUAL_HOST value.

  • LETSENCRYPT_EMAIL - specifies the E-mail to which the certificate will be attached. There is no verification, you can write everything, but remember that this E-mail will receive notifications from Let's Encrypt in some important cases.

Certificates are generated within a couple of minutes. If this did not happen, you can view the logs with the command:

# Execute in the folder where this docker-compose was installed
docker-compose logs -f --tail 30 letsencrypt-nginx-proxy-companion

I will also pay attention to the fact that certificates will be successfully issued only if the server is actually accessible from the Internet by the specified host name. You will not be able to write out a certificate for .local or any other non-existent and inaccessible domain zone/domain.

To generate self-signed certificates for local development, it is convenient to use this service. The file domain.key should be put on the path certs/domain.key, and the file domain.cert as certs/domain.crt (without e in the extension).

ATTENTION!

Bug on letsencrypt-nginx-proxy-companion. After some time you can see in logs docker-compose logs -f --tail 30 letsencrypt-nginx-proxy-companion error messages like can't find nginx-proxy container ID! or error message contains nginx-proxy string. In this case to fix problem follow next steps:

  1. stop letsencrypt-nginx-proxy-companion container docker-compose stop <container-name>
  2. remove contaner docker-compose rm -fv <container-name>
  3. start container using docker-compose up -d

Basic Authentication

The required volumes has been already written in the compose file of this repository. Following the instructions on the link above, files with logins and passwords must be placed in the folder htpasswd.

As an example, to set Basic Authentication to host example.com, you must perform the following actions (assuming that the console is opened in the htpasswd folder):

htpasswd -c example.com my-username
# Next, you will be prompted for the password for the user

If you need to add one more user, you should execute almost the same command, only without the -c flag:

htpasswd example.com another-user
# Next, you will be prompted for the password for the user

Important: when you create file for the host, the docker-gen does not automatically recreate nginx configuration, so after you created the file, you need to restart the nginx container:

docker-compose restart nginx

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

1 star

Watchers

5 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published