Versions Compared

Old Version 8

changes.mady.by.user John

Saved on

compared with

New Version 9

changes.mady.by.user John

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

Create our Docker Container

Create a nginx reverse proxy by issuing the following command:

...

This will create a reverse proxy running on the host network. 

Define our Nginx Configuration Files

In the conf folder(mapped to sites-enabled) we defined in our docker command we will add a configuration like the following:

Code Block
titlewiki.conf
server {
        listen       80;
        server_name  wiki wiki.jmehan.com;
        location / {
            proxy_pass         http://192.168.1.60:8090/;
        }
}


Adding SSL Support (not certbot)

If we want to terminate an SSL connection at our proxy, we can generate an SSL cert and configure it in nginx.

...

Code Block
titlemysite.conf
server {
        listen       8443 ssl;
        #server_name  svn svn.jmehan.com;
        ssl_certificate     /etc/nginx/certificates/svn/cert.pem;
        ssl_certificate_key /etc/nginx/certificates/svn/key.pem;

        location / {
            proxy_pass         http://192.168.1.60:9080/;
            proxy_set_header   Host             $host;
            proxy_set_header   X-Real-IP        $remote_addr;
            proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;

            client_max_body_size       10m;
            client_body_buffer_size    128k;
            proxy_connect_timeout      90;
            proxy_send_timeout         90;
            proxy_read_timeout         90;

            proxy_buffer_size          4k;
            proxy_buffers              4 32k;
            proxy_busy_buffers_size    64k;
            proxy_temp_file_write_size 64k;
        }
}


Adding Basic Authentication

You may need to add apache2-utils to your nginx docker container using the following cmd:

...

Code Block
server {
        server_name  kibana kibana.jmehan.com;
        location / {
            proxy_pass         http://192.168.1.60:5601/;
            auth_basic "Administrator's Area";
            auth_basic_user_file /etc/nginx/conf.d/htpasswd;
        }
}


Customized Dockerfile

The following Dockerfile adds certbot and apache2-utils to our nginx-reverse-proxy image.

Code Block
languageyml
titleDockerfile
FROM lerenn/nginx-reverse-proxy

RUN apt-get update
RUN apt-get install -y wget
RUN apt-get install -y apache2-utils
RUN wget https://dl.eff.org/certbot-auto
RUN chmod +x certbot-auto
RUN ./certbot-auto -n --install-only


References


ReferenceURL
Let's EncryptCertBot and Let's Encrypt
Restricting Access with HTTP Basic Authenticationhttps://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/

...