
docker docker-compose multiple sub.domains with SSL/ port 443 & Apache ssl.conf VirtualHost and Dockerfile

How can I use sub-domains without needing to attach a port number, as in sub_n.domain.com:444?

I do have:

  • multiple sub.domains.com via DNS redirected to my VPS (sub1. sub2. sub3.)
  • every sub_n shall be connected with its own (L)AMP-Stack-Containers (they are running on Ubuntu, using the same kernel, plus one Apache-PHP-Container each with the sub1 / sub2 / sub3 service, plus the databases and a phpMyAdmin)
  • every sub_n has its own directory eg sub1/ with its own docker-compose.yml,
  • core/ containing the Dockerfile (for the apache-PHP & the databases & phpMyAdmin) plus
  • the ssl.conf

I do have one of these "instances" running on port 443:

------below, the docker-compose.yml for the sub1.domain.com: ------------

 sub1:
    hostname: localhost
    container_name: sub1
    build:
      context: ./core
    restart: always
    volumes:
      - ./core/html:/var/www/html
      - ./core/apacheErrorLog:/var/www/apacheErrorLog

    tty: true
    ports:
      - "443:443"
      - "80:80" 

------below, the Dockerfile (for the PHP-Apache): -------------

ADD ssl.conf /etc/apache2/sites-available/ssl.conf

RUN rm -rf /etc/apache2/sites-enabled/000-default.conf

COPY ./html/ /var/www/html/sub1/
 
RUN a2enmod ssl
RUN a2ensite ssl
RUN a2enmod vhost_alias
RUN a2enmod rewrite

# Set ServerName at build time; as CMD this line would replace the container's start command
RUN echo "ServerName localhost" >> /etc/apache2/apache2.conf

and, the ssl.conf

------- below the ssl.conf -----------------------

<VirtualHost *:80>
    ServerName sub1.domain.com
    RewriteEngine On
    RewriteCond %{HTTPS} !=on
    RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

    ErrorLog /var/log/apache2/error.log
    CustomLog /var/log/apache2/access.log common
</VirtualHost>

<VirtualHost *:443>
    ServerName sub1.domain.com
    ServerAdmin webmaster@domain.com
    DocumentRoot /var/www/html/sub1
    
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
    
    SSLEngine on
    
    SSLCertificateFile /etc/apache2/ssl_keys/cert.crt
    SSLCertificateKeyFile /etc/apache2/ssl_keys/key.key
    SSLCertificateChainFile /etc/apache2/ssl_keys/bundle.ca-bundle

    <FilesMatch "\.(cgi|shtml|phtml|php)$">
        SSLOptions +StdEnvVars
    </FilesMatch>

    <Directory /usr/lib/cgi-bin>
        SSLOptions +StdEnvVars
    </Directory>



    <Directory /var/www/html/sub1>
        Options Indexes FollowSymLinks
        AllowOverride all
        Require all granted
    </Directory>


    DirectoryIndex index.php
</VirtualHost>

==============================================================

The problem is: if I now add a sub2.domain.com following/adapting these steps, I need to expose the docker-container on another port, e.g. 444 - and now the correct "redirect" to the DocumentRoot will only work when the port is explicitly entered into the URL - else, the default for 443 (here: var/www/html/) is going to be used, no matter which sub_n domain is entered into the browser's address bar.

So: https://sub2.domain.com:444/ -> okay, goes into var/www/html/sub2/ (as defined for the service)

but https://sub2.domain.com/ -> false, goes into var/www/html/ (= the one defined for sub1 running in the sub1-docker-container and thus, the complete wrong docker service...)

Okay, I found the "answer":

--> there is only one port 443 - and if you need to have several docker-containerized-LAMP-stacks running SSL-connected / accessible via ONE specific port, you need a special solution for doing that job, eg traefik reverse proxy : https://doc.traefik.io/traefik/providers/docker/ .

Perhaps, there are other / easier solutions for this, but I already do have some experience with traefik & docker-compose and its routing paradigm...

Feel free to add other, perhaps easier solutions!
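
An added example, not part of the original post: a single docker-compose.yml in which only a Traefik container publishes ports 80 and 443 and selects the backend by the TLS SNI name, passing the encrypted stream through so each Apache container keeps its own certificate and ssl.conf. The Traefik v2 image tag, the router and service names, and the ./sub1/core and ./sub2/core build paths are assumptions.

```yaml
# Constructed example. Assumed: Traefik v2 label syntax, image tag,
# router/service names, and the ./sub1/core and ./sub2/core build paths.
services:
  proxy:
    image: traefik:v2.11
    restart: always
    command:
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"  # route only opted-in containers
      - "--entrypoints.web.address=:80"
      - "--entrypoints.websecure.address=:443"
    ports:                        # the only service that publishes host ports
      - "80:80"
      - "443:443"
    volumes:
      # Read-only mount; Docker socket access is still root-equivalent on the host.
      - /var/run/docker.sock:/var/run/docker.sock:ro
  sub1:                           # no "ports:" section, reachable only via the proxy
    build: { context: ./sub1/core }
    restart: always
    labels:
      - "traefik.enable=true"
      # TLS: choose the backend by SNI and forward the stream without decrypting it
      - "traefik.tcp.routers.sub1.rule=HostSNI(`sub1.domain.com`)"
      - "traefik.tcp.routers.sub1.entrypoints=websecure"
      - "traefik.tcp.routers.sub1.tls.passthrough=true"
      - "traefik.tcp.routers.sub1.service=sub1"
      - "traefik.tcp.services.sub1.loadbalancer.server.port=443"
      # Plain HTTP goes to Apache's *:80 vhost, which redirects to HTTPS
      - "traefik.http.routers.sub1-http.rule=Host(`sub1.domain.com`)"
      - "traefik.http.routers.sub1-http.entrypoints=web"
      - "traefik.http.routers.sub1-http.service=sub1-http"
      - "traefik.http.services.sub1-http.loadbalancer.server.port=80"
  sub2:
    build: { context: ./sub2/core }
    restart: always
    labels:
      - "traefik.enable=true"
      - "traefik.tcp.routers.sub2.rule=HostSNI(`sub2.domain.com`)"
      - "traefik.tcp.routers.sub2.entrypoints=websecure"
      - "traefik.tcp.routers.sub2.tls.passthrough=true"
      - "traefik.tcp.routers.sub2.service=sub2"
      - "traefik.tcp.services.sub2.loadbalancer.server.port=443"
      - "traefik.http.routers.sub2-http.rule=Host(`sub2.domain.com`)"
      - "traefik.http.routers.sub2-http.entrypoints=web"
      - "traefik.http.routers.sub2-http.service=sub2-http"
      - "traefik.http.services.sub2-http.loadbalancer.server.port=80"
```

With passthrough the proxy never holds the private keys, and each container's ssl.conf needs only the ServerName and DocumentRoot of its own sub-domain.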
