Skip to content

Instantly share code, notes, and snippets.

@cboettig cboettig/docker-compose.yml
Last active Jan 12, 2020

Embed
What would you like to do?
Learn more about clone URLs
Download ZIP
debugging NGINX configuration for Jupyter
Raw
docker-compose.yml
jupyter:
image: jupyter/datascience-notebook
environment:
- PASSWORD=${PASSWORD}
nginx:
image: nginx
links:
- jupyter
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf
- ./letsencrypt.crt:/data/cert.crt
- /letsencrypt.key:/data/key.key
ports:
- 80:80
- 443:443
Raw
nginx.conf
## Based on: https://github.com/calpolydatascience/jupyterhub-deploy-data301/blob/master/roles/nginx/templates/nginx.conf.j2
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
upstream jupyter {
server jupyter:8888 fail_timeout=0;
}
server {
listen 80;
server_name xsede.carlboettiger.info;
rewrite ^ https://$host$request_uri? permanent;
}
server {
listen 443;
client_max_body_size 50M;
server_name xsede.carlboettiger.info;
ssl on;
ssl_certificate /data/cert.crt;
ssl_certificate_key /data/key.key;
ssl_ciphers "AES128+EECDH:AES128+EDH";
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
add_header X-Content-Type-Options nosniff;
ssl_stapling on; # Requires nginx >= 1.3.7
ssl_stapling_verify on; # Requires nginx => 1.3.7
resolver_timeout 5s;
# Expose logs to "docker logs".
# See https://github.com/nginxinc/docker-nginx/blob/master/Dockerfile#L12-L14
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
location / {
proxy_pass http://jupyter;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location ~* /(api/kernels/[^/]+/(channels|iopub|shell|stdin)|terminals/websocket)/? {
proxy_pass http://jupyter;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# WebSocket support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
}
}
@xros

This comment has been minimized.

Sign in to view
Copy link

xros commented Apr 4, 2016

Thanks this works!
@morphean

This comment has been minimized.

Sign in to view
Copy link

morphean commented Jul 21, 2016

what about just serving staring from / instead of ~?

where are the static files actually served from?
@dolvik

This comment has been minimized.

Sign in to view
Copy link

dolvik commented Mar 12, 2017

Thanks. It helped
@javrasya

This comment has been minimized.

Sign in to view
Copy link

javrasya commented Jul 28, 2017

Thank you, it works like a charm.
@Vaayne

This comment has been minimized.

Sign in to view
Copy link

Vaayne commented Sep 4, 2017

Thanks, It works for me
@coder4web

This comment has been minimized.

Sign in to view
Copy link

coder4web commented Nov 15, 2017

Thanks, works with nginx mainline and JH 0.8.1
@afragop72

This comment has been minimized.

Sign in to view
Copy link

afragop72 commented Oct 5, 2019

Thanks for this - that worked for me, as well.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.