Nginx Redirect to Docker Container

ssl docker nginx virtual-host

7,499

just need to use the name of the container name / services since you are using docker-compose. Try adding this configuration to your container with nginx:

http {
    include /etc/nginx/mime.types;
    ssl_session_cache   shared:SSL:10m;
    ssl_session_timeout 10m;
    server {
        listen 80 default_server;
    listen [::]:80;
        server_name www.example1.com example1.com www.example2.com example2.com;
        return 301 https://$server_name$request_uri;
    }
    server {

         listen 443 ssl default_server;
         listen [::]:443 ssl default_server;


        server_name www.example1.com example1.com;

        ssl_certificate ssl/fullchain1.pem;
        ssl_certificate_key ssl/privkey1.pem;
        ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;

        keepalive_timeout   70;

        location / {
                proxy_pass http://<container_name>:2021; ###<-------HERE you can use webapp
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }


        server {

         listen 443 ssl default_server;
         listen [::]:443 ssl default_server;


        server_name www.example2.com example2.com;

        ssl_certificate ssl/fullchain2.pem;
        ssl_certificate_key ssl/privkey2.pem;
        ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;

        keepalive_timeout   70;

        location / {
                proxy_pass http://<container_name>:2022; ###<-------HERE you can use webapp
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }

}

Example of old docker-compose

version: '2'
services:
    # webapp is the name that you can use inside the nginx configuration
    webapp:
        build: build
        volumes:
            - .:/home/noc/app
        ports:
            - 8000:8000
        environment:
            - RECAPTCHA_SECRET_KEY=****
            - RECAPTCHA_SITE_KEY=****
            - DB_HOST=******

    nginx:
        image: nginx:1.10.2
        volumes:
            - ./static:/var/www/static
            - ./config/nginx.conf:/etc/nginx/nginx.conf
            - /etc/letsencrypt/archive/:/etc/nginx/ssl
        links:
            - webapp
        depends_on:
            - webapp
        ports:
            - 80:80
            - 443:443
        command: /bin/bash -c "nginx -g 'daemon off;'"

More information: Docker documentation

7,499

Judson James

Updated on September 18, 2022

Comments

Judson James over 1 year
I made my personal server SSL encrypted, so that only port 443 is accessible to the outside world. However, in doing so, I locked my web apps from seeing the outside world.

The gist of it is that I have two Docker chains such that <domain>:2019 and <domain>:2020 are two separate web applications that are each served with Nginx containers, and output correctly on my local machine. I want to have <domain>:2019 output to example1.com and <domain>:2020 output to example2.com from using the host machine's Nginx service. How would I go about doing this?

[edit]

The Docker chains have respective Nginx containers that look like:
```
  nginx:
    container_name: domain_nginx
    build: 
      context: ./nginx
    volumes:
      - static_volume:/usr/src/domain_django/static
    ports:
      - "2019:80"
    depends_on:
      - django
```
Where the Nginx container outputs to 127.0.0.1:2019. I want a user going to example1.com to see the 127.0.0.1:2019
- Roid almost 5 years
  
  Your nginx is a container too?
- Judson James almost 5 years
  
  @RoidRamirez I updated the issue to explain it better. There is an Nginx container serving with gunicorn, but I want the output port to be read by the Nginx instance running on the host
Judson James almost 5 years

Would this live on the server-side Nginx configuration? And would the container name be readable to the host in the marked line?
Roid almost 5 years

You can COPY the nginx configuration inside your container(nginx) or link a volume to access the files.
Judson James almost 5 years

That makes sense, and works now. Thanks!
Judson James almost 5 years

I'm sorry to reopen the issue, but I modified my nginx.conf for the nginx container and it didn't fix the issue. I think what I'm trying to do isn't an issue with the docker container, but it's with the host itself. On localhost (not the server) it corresponds to the correct ports, but on the server, there's a separate Nginx instance (the server is SSL encrypted but not the containers) that only lets in things display on port 443. Does this mean I can redirect the content shown?
Roid almost 5 years

The encryption between your client and the nginx is encrypted, but the traffic between the nginx and the container is not encrypted so you don't need handle the encryption inside your app. Remember each site use their own certificate for ssl
Judson James almost 5 years

That makes sense. Would it make more sense to just have the Nginx container use a separate Certbot container? That way each site has a different certificate and that way I can make the host Nginx easier to write?