Table of Contents |
---|
Create our Docker Container
Create a nginx reverse proxy by issuing the following command:
...
This will create a reverse proxy running on the host network.
Define our Nginx Configuration Files
In the conf folder(mapped to sites-enabled) we defined in our docker command we will add a configuration like the following:
Code Block | ||
---|---|---|
| ||
server { listen 80; server_name wiki wiki.jmehan.com; location / { proxy_pass http://192.168.1.60:8090/; } } |
Adding SSL Support (not certbot)
If we want to terminate an SSL connection at our proxy, we can generate an SSL cert and configure it in nginx.
...
Code Block | ||
---|---|---|
| ||
server { listen 8443 ssl; #server_name svn svn.jmehan.com; ssl_certificate /etc/nginx/certificates/svn/cert.pem; ssl_certificate_key /etc/nginx/certificates/svn/key.pem; location / { proxy_pass http://192.168.1.60:9080/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; client_max_body_size 10m; client_body_buffer_size 128k; proxy_connect_timeout 90; proxy_send_timeout 90; proxy_read_timeout 90; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; } } |
Adding Basic Authentication
You may need to add apache2-utils to your nginx docker container using the following cmd:
...
Code Block |
---|
server { server_name kibana kibana.jmehan.com; location / { proxy_pass http://192.168.1.60:5601/; auth_basic "Administrator's Area"; auth_basic_user_file /etc/nginx/conf.d/htpasswd; } } |
Customized Dockerfile
The following Dockerfile adds certbot and apache2-utils to our nginx-reverse-proxy image.
Code Block | ||||
---|---|---|---|---|
| ||||
FROM lerenn/nginx-reverse-proxy RUN apt-get update RUN apt-get install -y wget RUN apt-get install -y apache2-utils RUN wget https://dl.eff.org/certbot-auto RUN chmod +x certbot-auto RUN ./certbot-auto -n --install-only |
References
Reference | URL |
---|---|
Let's Encrypt | CertBot and Let's Encrypt |
Restricting Access with HTTP Basic Authentication | https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/ |
...