Fabio/nginx-proxy-auto-docker
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge d3787de3ef into 95d4f67a59

Browse source
This commit is contained in:
elsonrodriguez 2014-06-03 22:18:23 +00:00
commit 60c93285e2
3 changed files with 62 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
Dockerfile
View file

@ -10,6 +10,12 @@ RUN apt-get update
RUN apt-get install -y nginx RUN apt-get install -y nginx
RUN echo "daemon off;" >> /etc/nginx/nginx.conf RUN echo "daemon off;" >> /etc/nginx/nginx.conf
RUN mkdir /etc/nginx/ssl
WORKDIR /etc/nginx/ssl
RUN openssl genrsa -out server.key 2048
RUN openssl req -new -batch -key server.key -out server.csr
RUN openssl x509 -req -days 10000 -in server.csr -signkey server.key -out server.crt
RUN mkdir /app RUN mkdir /app
WORKDIR /app WORKDIR /app
ADD . /app ADD . /app

14
README.md
View file

@ -1,4 +1,4 @@
nginx-proxy sets up a container running nginx and [docker-gen][1]. docker-gen generate reverse proxy configs for nginx and reloads nginx when containers they are started and stopped. nginx-proxy sets up a container running nginx and [docker-gen][1]. docker-gen generates reverse proxy configs for nginx and reloads nginx when containers are started and stopped.
See [Automated Nginx Reverse Proxy for Docker][2] for why you might want to use this. See [Automated Nginx Reverse Proxy for Docker][2] for why you might want to use this.
@ -6,7 +6,7 @@ See [Automated Nginx Reverse Proxy for Docker][2] for why you might want to use
To run it: To run it:
$ docker run -d -p 80:80 -v /var/run/docker.sock:/tmp/docker.sock -t jwilder/nginx-proxy $ docker run -d -p 80:80 -p 443:443 -v /var/run/docker.sock:/tmp/docker.sock -t jwilder/nginx-proxy
Then start any containers you want proxied with an env var VIRTUAL_HOST=subdomain.youdomain.com Then start any containers you want proxied with an env var VIRTUAL_HOST=subdomain.youdomain.com
@ -18,5 +18,15 @@ Provided your DNS is setup to forward foo.bar.com to the a host running nginx-pr
If your container exposes multiple ports, nginx-proxy will default to the service running on port 80. If you need to specify a different port, you can set a VIRTUAL_PORT env var to select a different one. If your container only exposes one port and it has a VIRTUAL_HOST env var set, that port will be selected. If your container exposes multiple ports, nginx-proxy will default to the service running on port 80. If you need to specify a different port, you can set a VIRTUAL_PORT env var to select a different one. If your container only exposes one port and it has a VIRTUAL_HOST env var set, that port will be selected.
### SSL Support
You can enable SSL by setting VIRTUAL_SSL_HOST on your container:
$ docker run -e VIRTUAL_HOST=foo.bar.com -e VIRTUAL_SSL_HOST=foo.bar.com -t ...
VIRTUAL_SSL_PORT can also be set on your container to override the default port, 443.
Self signed certs are generated on docker build, please replace them with your own for production use.
[1]: https://github.com/jwilder/docker-gen [1]: https://github.com/jwilder/docker-gen
[2]: http://jasonwilder.com/blog/2014/03/25/automated-nginx-reverse-proxy-for-docker/ [2]: http://jasonwilder.com/blog/2014/03/25/automated-nginx-reverse-proxy-for-docker/

43
nginx.tmpl
View file

@ -53,3 +53,46 @@ server {
} }
} }
{{ end }} {{ end }}
{{ range $host, $containers := groupBy $ "Env.VIRTUAL_SSL_HOST" }}
upstream ssl-{{ $host }} {
{{ range $index, $value := $containers }}
{{ if $value.Env.VIRTUAL_SSL_PORT }}
{{ range $i, $address := $value.Addresses }}
{{ if eq $address.Port $value.Env.VIRTUAL_SSL_PORT }}
# {{$value.Name}}
server {{ $address.IP }}:{{ $address.Port }};
{{end}}
{{end}}
{{ else }}
{{ range $i, $address := $value.Addresses }}
{{ if eq $address.Port "443" }}
# {{$value.Name}}
server {{ $address.IP }}:{{ $address.Port }};
{{ end }}
{{ end }}
{{ end }}
{{ end }}
}
server {
listen 443 ssl;
server_name {{ $host }};
proxy_buffering off;
location / {
proxy_pass https://ssl-{{ $host }};
include /etc/nginx/proxy_params;
}
}
{{ end }}
{{/* Should consider retrieving proper certs from a remote server, keyed by $VIRTUAL_SSL_HOST */}}
ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+EXP;
ssl_prefer_server_ciphers on;