Fabio/nginx-proxy-auto-docker
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge dd23c4015e into 34afde73e0

Browse source
This commit is contained in:
Morten Sjøgren 2014-08-22 03:55:30 +00:00
commit 2212fddaae
3 changed files with 49 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
Dockerfile
View file

@ -24,6 +24,7 @@ RUN wget https://github.com/jwilder/docker-gen/releases/download/0.3.2/docker-ge
RUN tar xvzf docker-gen-linux-amd64-0.3.2.tar.gz RUN tar xvzf docker-gen-linux-amd64-0.3.2.tar.gz
EXPOSE 80 EXPOSE 80
EXPOSE 443
ENV DOCKER_HOST unix:///tmp/docker.sock ENV DOCKER_HOST unix:///tmp/docker.sock
CMD ["forego", "start", "-r"] CMD ["forego", "start", "-r"]

2
README.md
View file

@ -6,7 +6,7 @@ See [Automated Nginx Reverse Proxy for Docker][2] for why you might want to use
To run it: To run it:
$ docker run -d -p 80:80 -v /var/run/docker.sock:/tmp/docker.sock -t jwilder/nginx-proxy $ docker run -d -p 80:80 -p 443:443 -v /var/run/docker.sock:/tmp/docker.sock -v /path/to/nginx/certificates:/etc/nginx/certificates -t jwilder/nginx-proxy
Then start any containers you want proxied with an env var VIRTUAL_HOST=subdomain.youdomain.com Then start any containers you want proxied with an env var VIRTUAL_HOST=subdomain.youdomain.com

47
nginx.tmpl
View file

@ -6,6 +6,23 @@ server {
return 503; return 503;
} }
server {
listen 443 default_server;
server_name _; # This is just an invalid value which will never trigger on a real hostname.
error_log /proc/self/fd/2;
access_log /proc/self/fd/1;
ssl on;
ssl_certificate /etc/nginx/certificates/server.crt;
ssl_certificate_key /etc/nginx/certificates/server.key;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
ssl_prefer_server_ciphers on;
return 503;
}
{{ range $host, $containers := groupByMulti $ "Env.VIRTUAL_HOST" "," }} {{ range $host, $containers := groupByMulti $ "Env.VIRTUAL_HOST" "," }}
upstream {{ $host }} { upstream {{ $host }} {
@ -57,4 +74,34 @@ server {
proxy_set_header Connection ""; proxy_set_header Connection "";
} }
} }
server {
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
listen 443;
server_name {{ $host }};
proxy_buffering off;
error_log /proc/self/fd/2;
access_log /proc/self/fd/1;
ssl on;
ssl_certificate /etc/nginx/certificates/server.crt;
ssl_certificate_key /etc/nginx/certificates/server.key;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://{{ $host }};
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https; # help the backend application differenciate between HTTP/HTTPS
proxy_set_header HTTPS on;
}
}
{{ end }} {{ end }}