First time using nginx reverse-proxy with docker and i need your help, i have a service written in golang and I'm trying to implement nginx but im getting error and have no idea what is happening.
this is my yml file:
version: "3.6"
services:
reverse-proxy:
image: nginx:1.17.10
container_name: reverse_proxy
volumes:
- ./reverse_proxy/nginx.conf:/etc/nginx/nginx.conf
ports:
- 80:80
this is my nginx.conf file:
events {
worker_connections 1024;
}
http {
server {
listen 80 default_server;
server_name localhost 127.0.0.1;
location /api/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://127.0.0.1:8081;
}
}
}
after running my service and docker-compose up when i hit curl localhost/api im getting bad gateway 502, although if i run curl localhost:8081, my service is running without any issue.Any help is appreciated because im really stuck here.Thanks in advance.
This is more a Docker problem than a nginx or go, when you are running containers inside the Docker engine, each one will run isolated from each other, so your nginx service doesn't know your backend service.
So, to fix this, you should use Docker networks. A network will enable your services to communicate between them. To do that, you should first edit your docker-compose.yml file
# docker-compose.yml
version: "3.8"
services:
my_server_service:
image: your_docker_image
restart: "always"
networks:
- "api-network"
reverse-proxy:
image: nginx:1.17.10
container_name: reverse_proxy
volumes:
- ./reverse_proxy/nginx.conf:/etc/nginx/nginx.conf
ports:
- 80:80
networks:
- "api-network"
networks:
api-network:
After that, you need to change the proxy-pass of your nginx.conf file to use the same name as your backend service, so change the string "127.0.0.1" to "my_server_service".
# nginx.conf
user nginx;
events {
worker_connections 1024;
}
http {
server {
listen 80 default_server;
server_name localhost 127.0.0.1;
location /api/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://my_server_service:8081;
}
}
Also, as you are using nginx as reverse proxy, you even don't need to bind your backend service port with your host machine, the docker network can solves it internally between the services
Related
I have 2 apps I'm trying to host on one machine (Ubuntu 22). The first app is a client side react app that makes api calls to my backend which is a docker compose laravel/nginx/sql. I went into sudo vim /etc/nginx/sites-available/MY.DOMAIN.COM and added the following:
server {
listen 80;
root /var/www/html;
index index.php index.html index.htm; #index.nginx-debian.html;
server_name MY.IP.ADDRESS.HERE;
location / {
try_files $uri $uri/ =404;
}
}
server {
listen 81;
listen [::]:81;
root /var/www/html/public;
index index.php index.html index.htm index.nginx-debian.html;
server_name MY_DOMAIN_NAME.COM www.MY_DOMAIN_NAME.com;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
}
location ~ /\.ht {
deny all;
}
}
On port 80 is where my react app lives. When someone visits MY.DOMAIN.COM I'm able to serve it without any issues. I'm not sure why putting server_name MY.IP.ADDRESS.HERE; works there vs the domain name like I did for port 81 server_name MY_DOMAIN_NAME.COM www.MY_DOMAIN_NAME.com;. Anyway on port 81 is where my laravel app should live. It's using a docker-compose.yml with this configuration:
version: "3.7"
services:
app:
build:
args:
user: admin
uid: 1000
context: ./
dockerfile: Dockerfile
image: my-laravel
container_name: my-laravel-app
restart: unless-stopped
working_dir: /var/www/
# command: bash -c "php artisan migrate:fresh --seed"
# depends_on:
# - db
# links:
# - db
volumes:
- ./:/var/www
networks:
- my-laravel
db:
image: mysql:8.0.30
container_name: my-laravel-db
restart: unless-stopped
environment:
MYSQL_DATABASE: ${DB_DATABASE}
MYSQL_ROOT_PASSWORD: ${DB_PASSWORD}
MYSQL_PASSWORD: ${DB_PASSWORD}
MYSQL_USER: ${DB_USERNAME}
SERVICE_TAGS: dev
SERVICE_NAME: mysql
volumes:
- ./docker-compose/mysql:/docker-entrypoint-initdb.d
networks:
- my-laravel
nginx:
image: nginx:alpine
container_name: my-laravel-nginx
restart: unless-stopped
ports:
- '8081:81'
volumes:
- ./:/var/www
- ./docker-compose/nginx:/etc/nginx/conf.d/
networks:
- my-laravel
networks:
my-laravel:
driver: bridge
The react app is trying to make api calls to const domain = "http://MY.IP.ADDRESS.HERE:8081"; and fails with the message net::ERR_CONNECTION_REFUSED This is where I'm not sure what I did wrong.
I have nginx installed, but I'm also using it in the docker image. Is there any conflict there? Do I even need to configure my installed nginx instance to serve the docker image?
Anyway, the funny thing is I had this all setup and working last week, but I decided to add an ssl cert with cert bot which messed everything up and now I'm starting from scratch. The problem is I don't remember how I got it working to being with lol.
Any help here would be greatly appreciated, thank you in advance.
Basically I do have an app where I have 2 backend projects.
The first one is a Spring Boot project where I have some recommendations algorithms which I want Angular to execute.
The second one is a Laravel project which contains some endpoints for the database (users, items, etc.)
The way Angular is going to communicate with Spring Boot is via WebSocket, so I need some routes to get the data.
The way Angular is going to communicate with Laravel is via API Rest protocol, some basic stuff.
This is the docker-compose I have for the app (I don't know if ports for Nginx are right, but I don't know how to do it)
version: '3'
networks:
laravel:
services:
nginx:
image: nginx:stable-alpine
container_name: nginx
ports:
- "80:80"
- "8090:8090"
volumes:
- .:/var/www/html
- ./docker/nginx/default.conf:/etc/nginx/conf.d/default.conf
depends_on:
- php
- mysql
networks:
- laravel
mysql:
image: mysql:5.7.22
container_name: mysql
tty: true
ports:
- "3306:3306"
volumes:
- ./docker/mysql:/var/lib/mysql
environment:
MYSQL_DATABASE: ''
MYSQL_USER: ''
MYSQL_PASSWORD: ''
MYSQL_ROOT_PASSWORD: ''
networks:
- laravel
php:
build:
context: .
dockerfile: ./docker/Dockerfile
container_name: php
volumes:
- .:/var/www/html
- ./machine-learning/RecommendationSystem:/app
- "./machine-learning/.m2:/.m2"
ports:
- "9000:9000"
networks:
- laravel
maven:
build:
context: .
dockerfile: ./docker/java/Dockerfile
container_name: java
volumes:
- ./machine-learning:/usr/src/machine-learning
depends_on:
- php
- mysql
networks:
- laravel
Also, here it is my Nginx conf file:
upstream springboot
{
keepalive 32;
server localhost:8090 fail_timeout=0;
}
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name localhost;
root /var/www/html/public;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_pass php:9000;
fastcgi_index index.php;
fastcgi_buffers 16 16k;
fastcgi_read_timeout 300;
fastcgi_buffer_size 32k;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location /machine-learning {
proxy_pass http://localhost:8090/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Proto $scheme;
}
error_log /var/log/nginx/error.log;
access_log /var/log/nginx/access.log main;
}
When I execute mvn package inside the container and then execute curl --verbose http://localhost:8090, it shows me the content I am expecting (a basic hello world message), so I guess the Nginx conf file is correct. When I access this same route in my web browser, I receive the: "The connection was reset" message.
Anyone could help me?
How to make an HTTPS server with Nginx in Docker for the development machine.
I have tried making self-signed certificate and key and moved it up to docker container through volume and assigned it NGINX config, but it doesn't work with HTTPS but work with HTTP.
In host.conf
server {
listen 80 default_server;
listen [::]:80 default_server;
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
ssl_certificate /etc/nginx/certs/localhost.crt;
ssl_certificate_key /etc/nginx/certs/localhost.key;
server_name localhost;
charset utf-8;
index index.php;
root /var/www/html/web;
...
In docker compose
version: "3"
services:
nginx:
restart: "always"
build: ./nginx
volumes:
- .:/var/www/html
- .certs:/etc/nginx/certs
ports:
- "${SERVER_PORT:-80}:80"
- "443:443"
depends_on:
- php
networks:
- worksite
I started testing the new Laravel Sail docker-compose environment with an nginx reverse proxy so I can access my website from a real tld while developing on my local machine.
My setup is:
OS - Ubuntu Desktop 20 with nginx and docker installed.
Nginx site-enabled on the host machine:
server {
server_name mysite.xyz;
listen 443 ssl;
listen [::]:443 ssl;
ssl_certificate /etc/ssl/certs/mysite.xyz.crt;
ssl_certificate_key /etc/ssl/private/mysite.xyz.key;
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
location / {
proxy_pass http://localhost:8002;
}
}
Also I have 127.0.0.1 mysite.xyz in my host machine /etc/hosts file
And my docker-compose:
# For more information: https://laravel.com/docs/sail
version: '3'
services:
laravel.test:
build:
context: ./vendor/laravel/sail/runtimes/8.0
dockerfile: Dockerfile
args:
WWWGROUP: '${WWWGROUP}'
image: sail-8.0/app
ports:
- '8002:80'
environment:
WWWUSER: '${WWWUSER}'
LARAVEL_SAIL: 1
volumes:
- '.:/var/www/html'
networks:
- sail
depends_on:
- mysql
- redis
image: 'mysql:8.0'
ports:
- '${FORWARD_DB_PORT:-3306}:3306'
environment:
MYSQL_ROOT_PASSWORD: '${DB_PASSWORD}'
MYSQL_DATABASE: '${DB_DATABASE}'
MYSQL_USER: '${DB_USERNAME}'
MYSQL_PASSWORD: '${DB_PASSWORD}'
MYSQL_ALLOW_EMPTY_PASSWORD: 'yes'
volumes:
- 'sailmysql:/var/lib/mysql'
networks:
- sail
redis:
image: 'redis:alpine'
ports:
- '${FORWARD_REDIS_PORT:-6379}:6379'
volumes:
- 'sailredis:/data'
networks:
- sail
networks:
sail:
driver: bridge
volumes:
sailmysql:
driver: local
sailredis:
driver: local
Site is loading fine when I access mysite.xyz from my host machine.
The issue I'm having is that on the register page that I ca see from my host machine by accessing the register page (https://mysite.xyz/register) the form action is: http://localhost:8002/register
The piece of code that generates the above url is <form method="POST" action="{{ route('register') }}">
This is a problem because I don't access the site from localhost:XXXX but instead from mysite.xyz which goes through the nginx reverse proxy and eventually ends up pointing to http://localhost:8002/register
**
What I checked:
In my Laravel .env file, the APP_URL is mysite.xyz
if I ssh into the the sail container and start artisan tinker and then run route('register') it outputs https://mysite.xyz/ so clearly, the laravel app inside the container seems to be behaving correctly.
The funny thing is that when it renders the html response, it renders the register route as http://localhost:8002/register
I tried searching the entire project for localhost:8002 and I can find it in /storage/framework/sessions/asdofhsdfasf8as7dgf8as7ogdf8asgd7
that bit of text says: {s:3:"url";s:27:"http://localhost:8002/login";}
So it seems that the session thinks it's localhost:8002 but tinker thinks it's mysite.xyz
I'm also a docker noob so who knows what I'm missing. I'm lost :)
The "problem" lies within your nginx configuration, not your code:
proxy_pass http://localhost:8002;
Laravel uses APP_URL in CLI (console) or whenever you use config('app.url') or env('APP_URL') in your code. For all other operations (such as URL constructing via the route helper) Laravel fetches the URL from the request:
URL Generation, Laravel 8.x Docs
The url helper may be used to generate arbitrary URLs for your application. The generated URL will automatically use the scheme (HTTP or HTTPS) and host from the current request being handled by the application.
What you need to do is to pass the correct URL and port in your nginx configuration, by adding:
proxy_pass http://localhost:8002;
proxy_set_header Host $host;
For additional information on the topic, you may want to have a look at this article: Setting up an Nginx Reverse Proxy
Right now, I have a single static site running in a docker container, being served on port 80. This plays nicely, since 80 is the default for public traffic.
So in my /etc/hosts file I can add an entry like like 127.0.0.1 example.dev and navigating to example.dev and it automatically uses port 80.
What if I need to add an additional 2-3 dockerized dev sites to my environment? what would be the best course of action to prevent having to access these sites solely by port, i.e. 81,82,83,etc? Also, it seems under these circumstances, I would be limited to being able to rewrite only the dev site tied to port 80 to a specific hostname? is there a way to overcome this? what is the best way to manage multiple docker sites from different ports?
Note, I was hoping to access the docker container via the container's IP address i.e. 172.21.0.4 and then simply add a hostname entry to my hosts file, but accessing containers by IP address doesn't work on Mac.
docker-compose.yml
version: '3'
services:
mysql:
container_name: mysql
build: ./mysql
environment:
- MYSQL_DATABASE=example_dev
- MYSQL_USER=test
- MYSQL_PASSWORD=test
- MYSQL_ROOT_PASSWORD=0000
ports:
- 3307:3306
phpmyadmin:
container_name: myadmin
image: phpmyadmin/phpmyadmin
ports:
- 8080:80
links:
- "mysql:db"
apache_site1:
container_name: apache_site1
build: ./php-apache
ports:
- 80:80
volumes:
- ../:/var/www/html
links:
- mysql:db
./php-apache/Dockerfile
FROM php:7-apache
COPY ./config/php.ini /usr/local/etc/php/
EXPOSE 80
thanks in advance
Your problem is best handled using a reverse proxy such as nginx. You can run the reverse proxy on port 80 and then configure it to route requests to the specific site. For example,
http://example.dev/site1 route to site1 at http://example.dev:8080
http://example.dev/site2 route to site2 at http://example.dev:8081
And thus you run your sites on ports 8080, 8081...
Specific solution
Based on the docker-compose file in the question. Edit the docker-compose.yml file, adding this service:
nginx-proxy:
image: jwilder/nginx-proxy
ports:
- "80:80"
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
Then, change the apache_site1 service in this way:
apache_site1:
container_name: apache_site1
build: ./php-apache
volumes:
- ../:/var/www/html
links:
- mysql:db
environment:
- VIRTUAL_HOST=apache-1.dev
Run the docker-compose file and check that your apache-1 website is reachable:
curl -H 'Host: apache-1.dev' localhost
Or use the Chrome extension as described below.
More websites
When you need to add more websites, just add an apache_site2 entry like you want and be sure to set a VIRTUAL_HOST environment variable in its definition.
Generic solution
Use a single nginx with multiple server entries
If you don't want to use a reverse proxy with a subpath for each website,
you can setup a nginx reverse proxy listening on you host 80 port, with one server entry for each site/container you have.
server {
listen 80;
server_name example-1.dev;
location / {
proxy_pass http://website-1-container:port;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
}
server {
listen 80;
server_name example-2.dev;
location / {
proxy_pass http://website-2-container:port;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
}
... and so on
Then, you can use the Host header to request different domains to your localhost without changing your /etc/hosts:
curl -H 'Host: example-2.dev' localhost
If you're doing web development, and so you need to see web pages, you can use a browser extension to customize the Host header at each page request.
Already made solution with nginx and docker services
Use a docker-compose file with all your and use the jwilder/nginx-proxy image that will auto configure a nginx proxy for you using environment variables. This is an example docker-compose.ymlfile:
version: "3"
services:
website-1:
image: website-1:latest
environment:
- VIRTUAL_HOST=example-1.dev
website-2:
image: website-2:latest
environment:
- VIRTUAL_HOST=example-2.dev
nginx-proxy:
image: jwilder/nginx-proxy
ports:
- "80:80"
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
Apache solution
Use apache virtual hosts to setup multiple websites in the same way described for nginx. Be sure to enable the Apache ProxyPreserveHost Directive to forward the Host header to the proxied server.