sashaaro/docker-compose.tunnel.yml

## docker-compose.tunnel.yml
# public server compose for foobar.com

services:
  nginx:
    image: library/nginx:1.19.6
    network_mode: host
    volumes:
      - ./conf.d:/etc/nginx/conf.d
      - /etc/letsencrypt:/etc/letsencrypt

  tunnel:
    image: jpillora/chisel:latest
    network_mode: host
    command: "server -p 8080 --reverse"

## docker-compose.yml
# client

services:
  # any dev watcher server
  serve:
    image: node:14.15.4-alpine
    entrypoint: npm
    command: ["run", "watch"]
    tty: true
    ports:
      - "3000:3000"

  tunnel:
    image: jpillora/chisel:latest
    network_mode: host
    command: "client foobar.com:8080 R:3000:3000"

## foobar.conf
# conf.d/foobar.conf

server {
    server_name foobar.com www.foobar.com;
    listen *:443 ssl;

    ssl_certificate /etc/letsencrypt/live/foobar.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/foobar.com/privkey.pem;
    ssl_trusted_certificate /etc/letsencrypt/live/foobar.com/chain.pem;

    location / {
        proxy_pass http://localhost:3000;
    }
}
	# public server compose for foobar.com

	services:
	nginx:
	image: library/nginx:1.19.6
	network_mode: host
	volumes:
	- ./conf.d:/etc/nginx/conf.d
	- /etc/letsencrypt:/etc/letsencrypt

	tunnel:
	image: jpillora/chisel:latest
	network_mode: host
	command: "server -p 8080 --reverse"
	# client

	services:
	# any dev watcher server
	serve:
	image: node:14.15.4-alpine
	entrypoint: npm
	command: ["run", "watch"]
	tty: true
	ports:
	- "3000:3000"

	tunnel:
	image: jpillora/chisel:latest
	network_mode: host
	command: "client foobar.com:8080 R:3000:3000"
	# conf.d/foobar.conf

	server {
	server_name foobar.com www.foobar.com;
	listen *:443 ssl;

	ssl_certificate /etc/letsencrypt/live/foobar.com/fullchain.pem;
	ssl_certificate_key /etc/letsencrypt/live/foobar.com/privkey.pem;
	ssl_trusted_certificate /etc/letsencrypt/live/foobar.com/chain.pem;

	location / {
	proxy_pass http://localhost:3000;
	}
	}