...
Create a nginx reverse proxy by issuing the following command:> docker
Code Block |
---|
docker run -d \ --net host \ --restart=always \ -p 80:80 \ --name proxy \ -v |
...
$PWD/conf:/etc/nginx/ |
...
sites-enabled \ -v $PWD/letsencrypt:/etc/letsencrypt \ -v $PWD/conf.d:/etc/nginx/ |
...
conf.d \ lerenn/nginx-reverse-proxy |
This will create a reverse proxy running on the host network. We specify a SITES_CONFIG_DIR where we will add our site config files (see below).We also specify a folder for our certificates that we will reference for our SSL enabled sites.
Define our Nginx Configuration Files
In the config folder conf folder(mapped to sites-enabled) we defined in our docker command we will add a configuration like the following:
Code Block | ||
---|---|---|
| ||
server { listen 80; server_name wiki wiki.jmehan.com; location / { proxy_pass http://192.168.1.60:8090/; } } |
Adding SSL Support (not certbot)
If we want to terminate an SSL connection at our proxy, we can generate an SSL cert and configure it in nginx.
...
Code Block |
---|
server { server_name kibana kibana.jmehan.com; location / { proxy_pass http://192.168.1.60:5601/; auth_basic "Administrator's Area"; auth_basic_user_file /etc/nginx/conf.d/htpasswd; } } |
Customized Dockerfile
The following Dockerfile adds certbot and apache2-utils to our nginx-reverse-proxy image.
Code Block | ||||
---|---|---|---|---|
| ||||
FROM lerenn/nginx-reverse-proxy
RUN apt-get update
RUN apt-get install -y wget
RUN apt-get install -y apache2-utils
RUN wget https://dl.eff.org/certbot-auto
RUN chmod +x certbot-auto
RUN ./certbot-auto -n --install-only |
References
Reference | URL |
---|---|
Let's Encrypt | CertBot and Let's Encrypt |
Restricting Access with HTTP Basic Authentication | https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/ |
...