I've got a containerized app running in docker on an Ubuntu host on port 8090. Here's the docker compose file that ties together the backend, the Postgres server and the Vue+Nginx frontend:
version: "3.8"
services:
# DATABASE BACKEND
use_db:
container_name: use_db
image: postgres:14.2
expose:
- "5433"
ports:
- "5433:5433"
environment:
# POSTGRES_HOST_AUTH_METHOD: "trust"
POSTGRES_USER: "postgres"
POSTGRES_PASSWORD: "blabla"
POSTGRES_DB: "use_db"
command: "-p 5433"
restart: always
volumes:
- db:/var/lib/postgresql/data
# FRONT END (LOOKING TO INTERNET)
use_frontend:
container_name: 'use_frontend'
build:
context: ./admin
dockerfile: Dockerfile
restart: always
depends_on:
- use_backend
ports:
- 8090:80 # port forwarding = HOST:DOCKER
# BACKEND (FASTAPI)
use_backend:
container_name: 'use_backend'
build:
context: ./api
dockerfile: Dockerfile
restart: always
depends_on:
- use_db
environment:
DATABASE_URL: "postgres://....."
HOST_LOCATION: "http://<HOST IP>:8090"
command: gunicorn --bind 0.0.0.0:8000 -k uvicorn.workers.UvicornWorker main:app
volumes:
db:
driver: local
So when the docker containers are started with docker compose up -d
, I can access the web app at <HOST>:8090
.
Inside the frontend container, the Nginx conf looks like this:
events {}
http {
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 80;
root /usr/share/nginx/html;
include /etc/nginx/mime.types;
client_max_body_size 20M;
location / {
try_files $uri /index.html;
}
location /api/ {
proxy_pass http://use_backend:8000/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_read_timeout 1800;
proxy_connect_timeout 1800;
}
location /ws/ {
proxy_pass http://use_backend:8000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_read_timeout 1800;
proxy_connect_timeout 1800;
}
}
}
Now my next goal is to access the web app via a normal URL. The host machine has a paid domain name tied to one of its user accounts, let's call it example.com
. So there's a dummy index.html
sitting in /home/example.com/
that can be replaced with a real web app to be accessed from the Inte.net as https://example.com
.
There's also a Nginx server running directly on the host whose config is located in /etc/nginx/nginx.conf
and is as follows:
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
client_max_body_size 512M;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POOD LE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
# include /etc/nginx/sites-enabled/*;
}
When I check the open ports containing 80
( lsof -n -i -P | grep 80
) I get:
nginx 167921 root 11u IPv4 1381601 0t0 TCP *:80 (LISTEN)
nginx 167922 www-data 11u IPv4 1381601 0t0 TCP *:80 (LISTEN)
nginx 167923 www-data 11u IPv4 1381601 0t0 TCP *:80 (LISTEN)
nginx 167924 www-data 11u IPv4 1381601 0t0 TCP *:80 (LISTEN)
nginx 167925 www-data 11u IPv4 1381601 0t0 TCP *:80 (LISTEN)
Which confirms that the Nginx service is running on the host listening on port 80
.
How do I bind my docker app (running on port
8090
) to the host domainexample.com
(to run on default port HTTP80
/ HTTPS8080
) so I can access the app fromhttps://example.com
?
You can:
Stop nginx
on your host and publish your Docker container on host port 80 and 443:
ports: - 80:80 - 443:443
This assumes that your Docker application already has an TLS listener on port 443 (whether it does or not is not clear from your question).
Configure nginx to proxy requests to your container. Eg, add to your nginx configuration:
location / { proxy_pass https://localhost:8090/; }
In this case, you would configure nginx to listen for TLS connections on port 443 (using eg these instructions ) and have a proxy stanza for both your http and https listeners.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.