How to setup SSL with Docker

I am trying to tell you the easiest way to set up SSL for your domain on any server. I have used this test

googlecloudplatform

Create your instance [https://cloud.google.com/ai-platform/deep-learning-vm/docs/quickstart-cli]

Setup your dom…


This content originally appeared on DEV Community and was authored by Dhiraj Patra

I am trying to tell you the easiest way to set up SSL for your domain on any server. I have used this test

googlecloudplatform

Create your instance [https://cloud.google.com/ai-platform/deep-learning-vm/docs/quickstart-cli]

Setup your domain name to instance [https://cloud.google.com/dns/docs/tutorials/create-domain-tutorial]

Log in to your instance with SSH or similar facilities
Go to the root of your application folder. Create a network by
docker network create nginx

Update your docker-compose file similar to this however nginx-prod and certbot is require

version: "3.4"
services:

Nginx reverse proxy

nginx-prod:
container_name: nginx-prod
restart: always
build:
context: ./nginx
dockerfile: Dockerfile
ports:
- 80:80 # for production
- 443:443
volumes:
- ./nginx/public_html:/public_html
- ./nginx/dhparam:/etc/nginx/dhparam
- ./certbot/conf/:/etc/nginx/ssl/
- ./certbot/data:/usr/share/nginx/html/letsencrypt
networks:
- nginx

certbot to create ssl certificate

certbot:
image: certbot/certbot
volumes:
- ./certbot/conf/:/etc/letsencrypt
- ./certbot/logs/:/var/log/letsencrypt
- ./certbot/data:/usr/share/nginx/html/letsencrypt

your web application it may differ for you

web:
build:
context: ./api
dockerfile: Dockerfile
container_name: web
image: orderbot
restart: always
env_file:
- ./.env
ports:
- "5000:5000"
networks:
nginx:
external: true
Hope you have already the nginx folder in the root with this structure
nginx/
conf.d/

Now create these folders at the root

dhparam
public_html

Add configuration file below to nginx/local.conf

server {
listen 80;
server_name YOUR_DOMAIN;
root /public_html/;

location ~ /.well-known/acme-challenge{
  allow all;
  root /usr/share/nginx/html/letsencrypt;
}

}

Go to dhparam folder and run the command below
openssl dhparam -out ~/nginx/dhparam/dhparam-2048.pem 2048
Now fire up the docker-compose

docker-compose up --build -d

Now run the certbot container [kindly replace YOUR_EMAIL and YOUR_DOMAIN]

docker-compose run certbot certonly --webroot --webroot-path=/usr/share/nginx/html/letsencrypt --email YOUR_EMAIL --agree-tos --no-eff-email -d YOUR_DOMAIN

Now stop/down the docker-compose by

docker-compose down

Modify your nginx/conf.d/local.conf [replace YOUR_DOMAIN]

server {
listen 80;
server_name YOUR_DOMAIN;

location ~ /.well-known/acme-challenge{
  allow all;
  root /usr/share/nginx/html/letsencrypt;
}

location / {
  return 301 https://YOUR_DOMAIN$request_uri;
}

}

server {
listen 443 ssl http2;
server_name YOUR_DOMAIN;

 ssl on;
 server_tokens off;
 ssl_certificate /etc/nginx/ssl/live/YOUR_DOMAIN/fullchain.pem;
 ssl_certificate_key /etc/nginx/ssl/live/YOUR_DOMAIN/privkey.pem;
 ssl_dhparam /etc/nginx/dhparam/dhparam-2048.pem;

 ssl_buffer_size 8k;
 ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
 ssl_prefer_server_ciphers on;
 ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;

location / {
    proxy_pass http://frontend:3000;
}

}

Now fire up the docker-compose along with your other application containers. Now you can comment out the whole certbot section in the docker-compose.yml file and then run

docker-compose up --build -d
docker ps

Now you can run your domain with
https://

More help here
https://cloud.google.com/community/tutorials/nginx-reverse-proxy-docker

About: I am a Technical Architect and Social Entrepreneur. You can find out more on https://dhirajpatra.github.io/


This content originally appeared on DEV Community and was authored by Dhiraj Patra


Print Share Comment Cite Upload Translate Updates
APA

Dhiraj Patra | Sciencx (2021-08-29T05:54:20+00:00) How to setup SSL with Docker. Retrieved from https://www.scien.cx/2021/08/29/how-to-setup-ssl-with-docker/

MLA
" » How to setup SSL with Docker." Dhiraj Patra | Sciencx - Sunday August 29, 2021, https://www.scien.cx/2021/08/29/how-to-setup-ssl-with-docker/
HARVARD
Dhiraj Patra | Sciencx Sunday August 29, 2021 » How to setup SSL with Docker., viewed ,<https://www.scien.cx/2021/08/29/how-to-setup-ssl-with-docker/>
VANCOUVER
Dhiraj Patra | Sciencx - » How to setup SSL with Docker. [Internet]. [Accessed ]. Available from: https://www.scien.cx/2021/08/29/how-to-setup-ssl-with-docker/
CHICAGO
" » How to setup SSL with Docker." Dhiraj Patra | Sciencx - Accessed . https://www.scien.cx/2021/08/29/how-to-setup-ssl-with-docker/
IEEE
" » How to setup SSL with Docker." Dhiraj Patra | Sciencx [Online]. Available: https://www.scien.cx/2021/08/29/how-to-setup-ssl-with-docker/. [Accessed: ]
rf:citation
» How to setup SSL with Docker | Dhiraj Patra | Sciencx | https://www.scien.cx/2021/08/29/how-to-setup-ssl-with-docker/ |

Please log in to upload a file.




There are no updates yet.
Click the Upload button above to add an update.

You must be logged in to translate posts. Please log in or register.