nginx-proxy acts as reverse proxy for other containers.
acme-companion obtains certificates from letsencrypt used by the revsers proxy.
Both monitor the docker daemon via /var/run/docker.sock
for newly created containers. Based on specific environment variables, see example below, the required configuration gets generated.
Important: Make sure the container is connected to the reverse-proxy_default network.
whoami:
image: jwilder/whoami
container_name: whoami
environment:
- VIRTUAL_HOST=whoami.example.com
- LETSENCRYPT_HOST=whoami.example.com
- LETSENCRYPT_EMAIL=webmaster@example.com
fqdn="whoami.example.com"
docker run --rm --name whoami \
--env VIRTUAL_HOST=$fqdn \
--env LETSENCRYPT_HOST=$fqdn \
--network reverse-proxy_default \
jwilder/whoami
To activate the configuration for mailcow:
cd
in ./data/conf.d/
andln ../mailcow_proxy.conf mailcow_proxy.conf
To set proper headers for ejabberd:
cd
in ./data/vhost.d/
andln ../ejabberd-vhost im.example.com
echo "someusername:"
echo "somepassword" openssl passwd -stdin> ./data/htpasswd/www.example.com
to enable basic auth for a vhost
or use the bash script in ./utils/setup_basic-auth.sh
When changing domains while moving from development to production, perform a docker system prune
prior to restarting the service.