jwilder nginx docker reverse proxy with acme companion
Toastie a9076aa1c6 Merge branch 'master' of https://git.in-ulm.de/ulpeters/reverse-proxy | 4 months ago | |
---|---|---|
data | 4 months ago | |
utils | 1 year ago | |
README.md | 1 year ago | |
docker-compose.yml | 4 months ago |
nginx-proxy acts as reverse proxy for other containers.
acme-companion obtains certificates from letsencrypt used by the revsers proxy.
Both monitor the docker daemon via /var/run/docker.sock
for newly created containers. Based on specific environment variables, see example below, the required configuration gets generated.
Important: Make sure the container is connected to the reverse-proxy_default network.
whoami:
image: jwilder/whoami
container_name: whoami
environment:
- VIRTUAL_HOST=whoami.example.com
- LETSENCRYPT_HOST=whoami.example.com
- LETSENCRYPT_EMAIL=webmaster@example.com
fqdn="whoami.example.com"
docker run --rm --name whoami \
--env VIRTUAL_HOST=$fqdn \
--env LETSENCRYPT_HOST=$fqdn \
--network reverse-proxy_default \
jwilder/whoami
To activate the configuration for mailcow:
cd
in ./data/conf.d/
andln ../mailcow_proxy.conf mailcow_proxy.conf
To set proper headers for ejabberd:
cd
in ./data/vhost.d/
andln ../ejabberd-vhost im.example.com
echo "someusername:"
echo "somepassword" openssl passwd -stdin> ./data/htpasswd/www.example.com
to enable basic auth for a vhost
or use the bash script in ./utils/setup_basic-auth.sh
When changing domains while moving from development to production, perform a docker system prune
prior to restarting the service.