Provide two ways to add new websites/APIs with automatic SSL support and renewal:
-
Simply update the list of domains inside
.envfile. No need to setup nginx, proxies, mess with docker-compose.yml file, or configuring new containers (see Usage Out of The Box). -
Spin up new docker-compose.yml instance (see WordPress example).
Simply clone this repo, create and update .env file and run docker-compose (docker must be installed first):
git clone https://github.com/ecoinomist/docker-letsencrypt-nginx-proxy.git webproxy
cd webproxy
cp .env.sample .env # then update WEBSITES_DOMAINS list
docker network create webproxy
docker-compose up -dEach website listed at WEBSITES_DOMAINS is expected to have index.html file at this dynamic location <WEBSITES_PATH>/<domain>.<tld>/build/index.html.
The /build part can be changed inside websites/conf.d/default.conf by updating root path.
Follow these steps:
- Copy the content of
docker-compose.yml, as of below:
version: '3'
services:
nginx:
image: nginx
labels:
com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy: "true"
container_name: nginx
restart: always
ports:
- "80:80"
- "443:443"
volumes:
- ${NGINX_FILES_PATH}/conf.d:/etc/nginx/conf.d
- ${NGINX_FILES_PATH}/vhost.d:/etc/nginx/vhost.d
- ${NGINX_FILES_PATH}/html:/usr/share/nginx/html
- ${NGINX_FILES_PATH}/certs:/etc/nginx/certs:ro
nginx-gen:
image: jwilder/docker-gen
command: -notify-sighup nginx -watch -wait 5s:30s /etc/docker-gen/templates/nginx.tmpl /etc/nginx/conf.d/default.conf
container_name: nginx-gen
restart: always
volumes:
- ${NGINX_FILES_PATH}/conf.d:/etc/nginx/conf.d
- ${NGINX_FILES_PATH}/vhost.d:/etc/nginx/vhost.d
- ${NGINX_FILES_PATH}/html:/usr/share/nginx/html
- ${NGINX_FILES_PATH}/certs:/etc/nginx/certs:ro
- /var/run/docker.sock:/tmp/docker.sock:ro
- ./nginx.tmpl:/etc/docker-gen/templates/nginx.tmpl:ro
nginx-letsencrypt:
image: jrcs/letsencrypt-nginx-proxy-companion
container_name: nginx-letsencrypt
restart: always
volumes:
- ${NGINX_FILES_PATH}/conf.d:/etc/nginx/conf.d
- ${NGINX_FILES_PATH}/vhost.d:/etc/nginx/vhost.d
- ${NGINX_FILES_PATH}/html:/usr/share/nginx/html
- ${NGINX_FILES_PATH}/certs:/etc/nginx/certs:rw
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
NGINX_DOCKER_GEN_CONTAINER: "nginx-gen"
NGINX_PROXY_CONTAINER: "nginx"- Create an
.envfile and say where you will locate the nginx files:
NGINX_FILES_PATH=./nginx
- Change the file
docker-compose.ymlwith your own settings:
3.1. Set your PROXY Network
Your website/API container must be in the same network of your nginx proxy.
networks:
default:
external:
name: your-network-name3.2. Set your IP address (optional)
On the line ports add as follow:
ports:
- "YOUR_PUBLIC_IP:80:80"
- "YOUR_PUBLIC_IP:443:443"
- Get the latest version of nginx.tmpl file (only if you have not cloned this repostiry)
curl https://raw.githubusercontent.com/jwilder/nginx-proxy/master/nginx.tmpl > nginx.tmplMake sure you are in the same folder of docker-compose file, if not, you must update the the settings - ./nginx.tmpl:/etc/docker-gen/templates/nginx.tmpl:ro.
- Start your project
docker-compose up -dPlease note that when running a new container to generate certificates with LetsEncrypt it may take a few minutes, depending on multiples circunstances.
Your proxy is ready to go!
Or you can run your own containers with the option -e VIRTUAL_HOST=foo.bar.com alongside with LETSENCRYPT_HOST=foo.bar.com, exposing port 80 and 443, and your certificate will be generated and always valid.
All credits goes to: