Skip to content

Instantly share code, notes, and snippets.

@famesjranko
Created April 10, 2024 05:38
Show Gist options
  • Save famesjranko/48592492981ed54893de92931e21ed8a to your computer and use it in GitHub Desktop.
Save famesjranko/48592492981ed54893de92931e21ed8a to your computer and use it in GitHub Desktop.
docker-compose.yml for redirecting remotely to https via nginx container with self-signed certs
# nginx proxy.conf for redirecting remotely to https
# It's pretty straightforward. Just need to create the self-signed certs that are to to be placed inside
# volume referenced within the docker-compose.yml file and by this proxy.conf (so cert names need to match!).
# And place this proxy.conf file inside '/home/docker/nginx/conf.d:/etc/nginx/conf.d' as referenced by the
# docker-compose.yml file
# example for how I created the self-signed certificate
# sudo openssl req -x509 -nodes -days 3365 -newkey rsa:2048 -keyout /etc/nginx/certs/example.com.key -out /etc/nginx/certs/example.com.crt
server {
listen 80;
server_name _;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name _;
ssl_certificate /etc/nginx/certs/example.com.crt;
ssl_certificate_key /etc/nginx/certs/example.com.key;
access_log /var/log/nginx/remotely.access.log;
error_log /var/log/nginx/remotely.error.log;
location / {
proxy_pass http://172.76.0.3:5000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /_blazor {
proxy_pass http://172.76.0.3:5000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /AgentHub {
proxy_pass http://172.76.0.3:5000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /ViewerHub {
proxy_pass http://172.76.0.3:5000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /CasterHub {
proxy_pass http://172.76.0.3:5000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
# docker-compose.yml for redirecting remotely to https
# It's pretty straightforward. Just need to create the self-signed certs that are to to be placed inside
# '/home/docker/nginx/conf.d:/etc/nginx/conf.d' and are referenced by proxy.conf (so cert names need to match!).
# And place the proxy.conf file inside '/home/docker/nginx/conf.d:/etc/nginx/conf.d' as referenced by the
# docker-compose.yml file
# example for how I created the self-signed certificate
# sudo openssl req -x509 -nodes -days 3365 -newkey rsa:2048 -keyout /etc/nginx/certs/example.com.key -out /etc/nginx/certs/example.com.crt
version: '3.6'
networks:
net-2:
name: network-2
driver: bridge
ipam:
config:
- subnet: 172.76.0.0/16
gateway: 172.76.0.1
services:
remotely:
container_name: remotely
image: immybot/remotely:latest
volumes:
- /home/docker/remotely:/app/AppData
ports:
- "5000:5000"
networks:
net-2:
ipv4_address: 172.76.0.3
environment:
- ASPNETCORE_ENVIRONMENT=Production
- ASPNETCORE_HTTP_PORTS=5000
- Remotely_ApplicationOptions__DbProvider=SQLite
- Remotely_ApplicationOptions__DockerGateway=172.76.0.1
- Remotely_ConnectionStrings__SQLite=Data Source=/app/AppData/Remotely.db
restart: unless-stopped
nginx:
container_name: remotely_proxy
image: nginx:latest
volumes:
- /home/docker/nginx/conf.d:/etc/nginx/conf.d
- /home/docker/nginx/certs:/etc/nginx/certs
ports:
- '80:80'
- '443:443'
networks:
net-2:
ipv4_address: 172.76.0.2
cap_add:
- CAP_NET_ADMIN
- CAP_NET_RAW
restart: 'unless-stopped'
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment