Created
April 10, 2024 05:38
-
-
Save famesjranko/48592492981ed54893de92931e21ed8a to your computer and use it in GitHub Desktop.
docker-compose.yml for redirecting remotely to https via nginx container with self-signed certs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# nginx proxy.conf for redirecting remotely to https | |
# It's pretty straightforward. Just need to create the self-signed certs that are to to be placed inside | |
# volume referenced within the docker-compose.yml file and by this proxy.conf (so cert names need to match!). | |
# And place this proxy.conf file inside '/home/docker/nginx/conf.d:/etc/nginx/conf.d' as referenced by the | |
# docker-compose.yml file | |
# example for how I created the self-signed certificate | |
# sudo openssl req -x509 -nodes -days 3365 -newkey rsa:2048 -keyout /etc/nginx/certs/example.com.key -out /etc/nginx/certs/example.com.crt | |
server { | |
listen 80; | |
server_name _; | |
return 301 https://$host$request_uri; | |
} | |
server { | |
listen 443 ssl; | |
server_name _; | |
ssl_certificate /etc/nginx/certs/example.com.crt; | |
ssl_certificate_key /etc/nginx/certs/example.com.key; | |
access_log /var/log/nginx/remotely.access.log; | |
error_log /var/log/nginx/remotely.error.log; | |
location / { | |
proxy_pass http://172.76.0.3:5000; | |
proxy_http_version 1.1; | |
proxy_set_header Upgrade $http_upgrade; | |
proxy_set_header Connection keep-alive; | |
proxy_set_header Host $host; | |
proxy_cache_bypass $http_upgrade; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header X-Forwarded-Proto $scheme; | |
} | |
location /_blazor { | |
proxy_pass http://172.76.0.3:5000; | |
proxy_http_version 1.1; | |
proxy_set_header Upgrade $http_upgrade; | |
proxy_set_header Connection "upgrade"; | |
proxy_set_header Host $host; | |
proxy_cache_bypass $http_upgrade; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header X-Forwarded-Proto $scheme; | |
} | |
location /AgentHub { | |
proxy_pass http://172.76.0.3:5000; | |
proxy_http_version 1.1; | |
proxy_set_header Upgrade $http_upgrade; | |
proxy_set_header Connection "upgrade"; | |
proxy_set_header Host $host; | |
proxy_cache_bypass $http_upgrade; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header X-Forwarded-Proto $scheme; | |
} | |
location /ViewerHub { | |
proxy_pass http://172.76.0.3:5000; | |
proxy_http_version 1.1; | |
proxy_set_header Upgrade $http_upgrade; | |
proxy_set_header Connection "upgrade"; | |
proxy_set_header Host $host; | |
proxy_cache_bypass $http_upgrade; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header X-Forwarded-Proto $scheme; | |
} | |
location /CasterHub { | |
proxy_pass http://172.76.0.3:5000; | |
proxy_http_version 1.1; | |
proxy_set_header Upgrade $http_upgrade; | |
proxy_set_header Connection "upgrade"; | |
proxy_set_header Host $host; | |
proxy_cache_bypass $http_upgrade; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header X-Forwarded-Proto $scheme; | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# docker-compose.yml for redirecting remotely to https | |
# It's pretty straightforward. Just need to create the self-signed certs that are to to be placed inside | |
# '/home/docker/nginx/conf.d:/etc/nginx/conf.d' and are referenced by proxy.conf (so cert names need to match!). | |
# And place the proxy.conf file inside '/home/docker/nginx/conf.d:/etc/nginx/conf.d' as referenced by the | |
# docker-compose.yml file | |
# example for how I created the self-signed certificate | |
# sudo openssl req -x509 -nodes -days 3365 -newkey rsa:2048 -keyout /etc/nginx/certs/example.com.key -out /etc/nginx/certs/example.com.crt | |
version: '3.6' | |
networks: | |
net-2: | |
name: network-2 | |
driver: bridge | |
ipam: | |
config: | |
- subnet: 172.76.0.0/16 | |
gateway: 172.76.0.1 | |
services: | |
remotely: | |
container_name: remotely | |
image: immybot/remotely:latest | |
volumes: | |
- /home/docker/remotely:/app/AppData | |
ports: | |
- "5000:5000" | |
networks: | |
net-2: | |
ipv4_address: 172.76.0.3 | |
environment: | |
- ASPNETCORE_ENVIRONMENT=Production | |
- ASPNETCORE_HTTP_PORTS=5000 | |
- Remotely_ApplicationOptions__DbProvider=SQLite | |
- Remotely_ApplicationOptions__DockerGateway=172.76.0.1 | |
- Remotely_ConnectionStrings__SQLite=Data Source=/app/AppData/Remotely.db | |
restart: unless-stopped | |
nginx: | |
container_name: remotely_proxy | |
image: nginx:latest | |
volumes: | |
- /home/docker/nginx/conf.d:/etc/nginx/conf.d | |
- /home/docker/nginx/certs:/etc/nginx/certs | |
ports: | |
- '80:80' | |
- '443:443' | |
networks: | |
net-2: | |
ipv4_address: 172.76.0.2 | |
cap_add: | |
- CAP_NET_ADMIN | |
- CAP_NET_RAW | |
restart: 'unless-stopped' |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment