Nginx Redirect to Docker Container
just need to use the name of the container name / services since you are using docker-compose. Try adding this configuration to your container with nginx:
http {
include /etc/nginx/mime.types;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
server {
listen 80 default_server;
listen [::]:80;
server_name www.example1.com example1.com www.example2.com example2.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
server_name www.example1.com example1.com;
ssl_certificate ssl/fullchain1.pem;
ssl_certificate_key ssl/privkey1.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
keepalive_timeout 70;
location / {
proxy_pass http://<container_name>:2021; ###<-------HERE you can use webapp
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
server {
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
server_name www.example2.com example2.com;
ssl_certificate ssl/fullchain2.pem;
ssl_certificate_key ssl/privkey2.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
keepalive_timeout 70;
location / {
proxy_pass http://<container_name>:2022; ###<-------HERE you can use webapp
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
Example of old docker-compose
version: '2'
services:
# webapp is the name that you can use inside the nginx configuration
webapp:
build: build
volumes:
- .:/home/noc/app
ports:
- 8000:8000
environment:
- RECAPTCHA_SECRET_KEY=****
- RECAPTCHA_SITE_KEY=****
- DB_HOST=******
nginx:
image: nginx:1.10.2
volumes:
- ./static:/var/www/static
- ./config/nginx.conf:/etc/nginx/nginx.conf
- /etc/letsencrypt/archive/:/etc/nginx/ssl
links:
- webapp
depends_on:
- webapp
ports:
- 80:80
- 443:443
command: /bin/bash -c "nginx -g 'daemon off;'"
More information: Docker documentation
Related videos on Youtube
Judson James
Updated on September 18, 2022Comments
-
Judson James over 1 year
I made my personal server SSL encrypted, so that only port 443 is accessible to the outside world. However, in doing so, I locked my web apps from seeing the outside world.
The gist of it is that I have two Docker chains such that
<domain>:2019
and<domain>:2020
are two separate web applications that are each served with Nginx containers, and output correctly on my local machine. I want to have<domain>:2019
output toexample1.com
and<domain>:2020
output toexample2.com
from using the host machine's Nginx service. How would I go about doing this?[edit]
The Docker chains have respective Nginx containers that look like:
nginx: container_name: domain_nginx build: context: ./nginx volumes: - static_volume:/usr/src/domain_django/static ports: - "2019:80" depends_on: - django
Where the Nginx container outputs to
127.0.0.1:2019
. I want a user going toexample1.com
to see the127.0.0.1:2019
-
Roid almost 5 yearsYour nginx is a container too?
-
Judson James almost 5 years@RoidRamirez I updated the issue to explain it better. There is an Nginx container serving with gunicorn, but I want the output port to be read by the Nginx instance running on the host
-
-
Judson James almost 5 yearsWould this live on the server-side Nginx configuration? And would the container name be readable to the host in the marked line?
-
Roid almost 5 yearsYou can COPY the nginx configuration inside your container(nginx) or link a volume to access the files.
-
Judson James almost 5 yearsThat makes sense, and works now. Thanks!
-
Judson James almost 5 yearsI'm sorry to reopen the issue, but I modified my nginx.conf for the nginx container and it didn't fix the issue. I think what I'm trying to do isn't an issue with the docker container, but it's with the host itself. On localhost (not the server) it corresponds to the correct ports, but on the server, there's a separate Nginx instance (the server is SSL encrypted but not the containers) that only lets in things display on port 443. Does this mean I can redirect the content shown?
-
Roid almost 5 yearsThe encryption between your client and the nginx is encrypted, but the traffic between the nginx and the container is not encrypted so you don't need handle the encryption inside your app. Remember each site use their own certificate for ssl
-
Judson James almost 5 yearsThat makes sense. Would it make more sense to just have the Nginx container use a separate Certbot container? That way each site has a different certificate and that way I can make the host Nginx easier to write?