Servidor intermediari invers

De binefa.com
Salta a la navegació Salta a la cerca

Using Docker to Set up Nginx Reverse Proxy With Auto SSL Generation

Ús del docker

Crida a un servidor nginx (https://sub.things.cat):

docker run --rm --name nginx-dummy -e VIRTUAL_HOST=sub.things.cat -e LETSENCRYPT_HOST=sub.things.cat -e VIRTUAL_PORT=80 --network net -d nginx:latest

Crida a un servidor NextCloud (https://sub0.things.cat/):

docker run --name nextcloud0 --network net -e VIRTUAL_HOST="sub0.things.cat" -e LETSENCRYPT_HOST="sub0.things.cat" -d nextcloud:19.0.2

Accés a la consola bash del docker nextcloud0:

docker exec -it nextcloud0 bash -l

Per a obtenir la informació disponible del docker en funcionament:

docker inspect nextcloud0

Per a obtenir la IP interna del docker en funcionament:

docker inspect nextcloud0 | grep IPAddress

docker-compose.yml

Abans de posar en marxa el docker cal crea la xarxa que connecta el reverse-proxy amb letsencrypt:

docker network create net

Un cop heu copiat l'arxiu docker-compose.yml a una carpeta del sistema:

docker-compose up -d

docker-compose.yml:

version: "3.3"

services:
   reverse-proxy:
       image: jwilder/nginx-proxy:latest
       container_name: "reverse-proxy"
       volumes:
           - "html:/usr/share/nginx/html"
           - "dhparam:/etc/nginx/dhparam"
           - "vhost:/etc/nginx/vhost.d"
           - "certs:/etc/nginx/certs"
           - "/run/docker.sock:/tmp/docker.sock:ro"
       restart: "always"
       networks: 
           - "net"
       ports:
           - "80:80"
           - "443:443"
   letsencrypt:
       image: jrcs/letsencrypt-nginx-proxy-companion:latest
       container_name: "letsencrypt-helper"
       volumes:
           - "html:/usr/share/nginx/html"
           - "dhparam:/etc/nginx/dhparam"
           - "vhost:/etc/nginx/vhost.d"
           - "certs:/etc/nginx/certs"
           - "/run/docker.sock:/var/run/docker.sock:ro"
       environment:
           NGINX_PROXY_CONTAINER: "reverse-proxy"
           DEFAULT_EMAIL: "un_correu@qualsevol.cat"
       restart: "always"
       depends_on:
           - "reverse-proxy"
       networks: 
           - "net"
volumes:
 certs:
 html:
 vhost:
 dhparam:

networks:
 net:
   external: true