I use a docker-compose file with 3 service (node-red, mosquitto and mongo) and and I want use nginx as load balancer of node-red service:
version: '2.2'
networks:
Platform-Network:
name: IoT-Network
volumes:
Platform:
MQTT-broker:
DataBase:
Nginx:
services:
Platform:
image: custom-node-red:latest
networks:
- Platform-Network
restart: always
volumes:
- ./node-red:/data
# depends_on:
# - Nginx
MQTT-broker:
container_name: mosquitto
image: eclipse-mosquitto
ports:
- "192.168.100.101:1883:1883"
networks:
- Platform-Network
restart: always
depends_on:
- Platform
volumes:
- ./mosquitto/config:/mosquitto/config
- ./mosquitto/data:/mosquitto/data
- ./mosquitto/log:/mosquitto/log
DataBase:
container_name: mongodb
image: mongo
ports:
- "8083:27017"
networks:
- Platform-Network
restart: always
depends_on:
- Platform
volumes:
- ./mongodb/data:/data/db
- ./mongodb/backup:/data/backup
- ./mongodb/mongod.conf:/etc/mongod.conf
- ./mongodb/log:/var/log/mongodb/
Nginx:
container_name: nginx
image: nginx
ports:
- "4000:4000"
depends_on:
- Platform
volumes:
- ./nginx/nginx.conf:/etc/nginx/nginx.conf
restart: always
Nginx config file is:
user nginx;
events {
worker_connections 1000;
}
http {
upstream platform {
server platform_1:1880;
server platform_2:1880;
server platform_3:1880;
}
server {
listen [::]:4000;
listen 4000;
location / {
proxy_pass http://platform;
}
}
}
I run my service with docker-compose -f platform.yaml up -d --scale Platform=3 and containers up as show in
this
.But as showen in above image, nginx dosnt up.
Nginx container log get this error and i can't resolve it.
Your nginx service also need to join the same network as Platform:
Nginx:
container_name: nginx
image: nginx
ports:
- "4000:4000"
depends_on:
- Platform
volumes:
- ./nginx/nginx.conf:/etc/nginx/nginx.conf
restart: always
networks: # add this
- Platform-Network
Related
I have problem with minio, not started on selected domain - 502 error.
my docker-compose.yml for nginx proxy reverse + le
services:
nginx:
container_name: nginx
image: nginxproxy/nginx-proxy
restart: unless-stopped
ports:
- 80:80
- 443:443
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- /var/docker/nginx/html:/usr/share/nginx/html
- /var/docker/nginx/certs:/etc/nginx/certs
- /var/docker/nginx/vhost:/etc/nginx/vhost.d
logging:
options:
max-size: "10m"
max-file: "3"
letsencrypt-companion:
container_name: nginx-le
image: jrcs/letsencrypt-nginx-proxy-companion
restart: unless-stopped
volumes_from:
- nginx
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /var/docker/nginx/acme:/etc/acme.sh
environment:
DEFAULT_EMAIL: mail#mail.com
docker-compose.yml for minio
version: '2'
services:
minio:
container_name: minio.domain.com
command: server /data --console-address ":9001"
environment:
- MINIO_ROOT_USER=admin
- MINIO_ROOT_PASSWORD=supersecret
- MINIO_BROWSER_REDIRECT_URL=https://minio.domain.com
- MINIO_DOMAIN=minio.domain.com
image: quay.io/minio/minio:latest
volumes:
- minio:/data
restart: unless-stopped
expose:
- "9000"
- "9001"
environment:
VIRTUAL_HOST: minio.domain.com
LETSENCRYPT_HOST: minio.domain.com
networks:
- proxy
networks:
proxy:
external:
name: nginx_default
volumes:
minio:
logs from docker logs for minio container
Warning: Default parity set to 0. This can lead to data loss.
WARNING: Detected default credentials 'minioadmin:minioadmin', we recommend that you change these values with 'MINIO_ROOT_USER' and 'MINIO_ROOT_PASSWORD' environment variables
MinIO Object Storage Server
Copyright: 2015-2022 MinIO, Inc.
License: GNU AGPLv3 <https://www.gnu.org/licenses/agpl-3.0.html>
Version: RELEASE.2022-12-12T19-27-27Z (go1.19.4 linux/amd64)
Status: 1 Online, 0 Offline.
API: http://192.168.0.7:9000 http://127.0.0.1:9000
Console: http://192.168.0.7:9001 http://127.0.0.1:9001
Documentation: https://min.io/docs/minio/linux/index.html
When I put in docker-compose for minio:
ports:
- '9000:9000'
- '9001:9001'
Minio working, but for all domain on my server.
How I can fix that minio show only on minio.domain.com ?
So if I run ngrok outside of docker, the tunnel connects fine. However when I add it to my docker-compose up i get
failed to complete tunnel connection
Here is my docker-compose:
services:
local.box:
image: nginx:1.21
ports:
- "8888:80"
volumes:
- .:/app
ngrok:
image: ngrok/ngrok:alpine
depends_on:
- local.box
environment:
- NGROK_AUTHTOKEN=<my_token>
command: "http local.box:8888"
volumes:
- .:/app
networks:
default:
name: dev-dev
external: true
I have tried host header rewrites, as well as editing my nginx.conf to not use default server.
The nginx stuff starts up just fine as well.
Try to use this command to image ngrox:
services:
local.box:
image: nginx:1.21
ports:
- "8888:80"
volumes:
- .:/app
ngrok:
image: ngrok:alpine
depends_on:
- local.box
environment:
- NGROK_AUTHTOKEN=<my_token>
command: "http local.box:8888"
volumes:
- .:/app
networks:
default:
name: dev-dev
external: true
I've a VPS on which I want to deploy multiple web applications (for which I've already read posts and they're perfect when we have directly sub container). I want to manage each web application having its own nginx to route to its sub domains and also some static website's related to them. I've two docker compose. My network looks like the following. Image.
My NGINX Rerverse proxy should be responsible to route the domains to respective nginx container. It might be possible or not I'm not sure (that's why I asked help). If someone can provide a better understanding that I'm open to suggestions. Below is my configuration for nginx proxy container and other web apps docker yaml file code. I've used the NGINX PROXY
NGINX PROXY Docker Compose File
version: "3.7"
services:
nginx-proxy:
image: jwilder/nginx-proxy:alpine
container_name: nginx-proxy
ports:
- "80:80"
- "443:443"
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
networks:
default:
external:
name: nginx-proxy
WEB APPLICATION 1 docker-compose.yml
version: "3.7"
networks:
default:
external:
name: nginx-proxy
yoda-network:
driver: bridge
services:
adminer:
container_name: ${APP_NAME}_adminer
image: adminer
depends_on:
- mysql
expose:
- 8080
environment:
VIRTUAL_HOST: yodaledger.com
VIRTUAL_PORT: 8080
networks:
- yoda-network
python:
container_name: ${APP_NAME}_python
image: python:3.6
command: bash -c "pip3 install -r requirements.txt && python manage.py runserver 0.0.0.0:8000"
volumes:
- ${APP_PATH}var/www/api.yodaledger.com/yodaledger_backend:/app
- ${APP_PATH}var/www/static.yodaledger.com:/app/static
depends_on:
- mysql
working_dir: /app
environment:
- PYTHONUNBUFFERED=1
- MYSQL_HOST=mysql
- MYSQL_USER=${MYSQL_USER}
- MYSQL_PASSWORD=${MYSQL_PASSWORD}
- MYSQL_DATABASE=${MYSQL_DATABASE}
networks:
- yoda-network
nginx:
container_name: ${APP_NAME}_nginx
image: nginx:alpine
expose:
- 443
- 80
volumes:
- ${APP_PATH}var/www:/var/www
- ${APP_PATH}var/log:/var/log/nginx
- ${APP_PATH}var/ssl:/var/ssl
- ${APP_PATH}etc/nginx:/etc/nginx
- /tmp/${APP_NAME}/nginx:/tmp
depends_on:
- python
environment:
VIRTUAL_PORT: 443
VIRTUAL_HOST: yodaledger.com,api.yodaledger.com,app.yodaledger.com,static.yodaledger.com
networks:
- yoda-network
- default
mysql:
container_name: ${APP_NAME}_mysql
image: mariadb:latest
#ports:
# - "3306:3306"
volumes:
- ${APP_PATH}var/mysql:/var/lib/mysql
- ${APP_PATH}etc/mysql:/etc/mysql
environment:
- MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
- MYSQL_DATABASE=${MYSQL_DATABASE}
- MYSQL_USER=${MYSQL_USER}
- MYSQL_PASSWORD=${MYSQL_PASSWORD}
- TZ=Europe/Paris
networks:
- yoda-network
WEB APPLICATION 2
It looks the same as web application 1.
What I am trying to achieve
I am trying to integrate an SSL certificate for my production site, bonus if I could create a self-signed certificate for local development.
The issue I am having
When trying to integrate the nginx-proxy and letsencrypt-companion it always results in a redirect loop or 502 Bad gateway error.
I've looked around at a variety of ways to integrate these 2 companions but I still am stuck about how to integrate this but always ask myself the same questions when attempting to integrate into my environment.
More detail about my environment
I am running a multi-container Docker Compose web app which uses PHP/PHP-FPM 7.2, MySQL & Nginx. The config looks like:
version: '3.1'
networks:
mywebapp:
services:
nr_nginx:
build: ./env/nginx
networks:
- mywebapp
ports:
- 80:80
- 443:443
env_file:
- ./env/nginx/.env
depends_on:
- nr_php72
tty: true
volumes:
- ./src:/home/www/mywebapp/src
- ./storage:/home/www/storage/mywebapp
- ./data/nginx/logs:/var/log/nginx
- ./env/nginx/webserver/nginx.conf:/etc/nginx/nginx.conf
- ./env/nginx/webserver/conf.d:/etc/nginx/conf.d
- ./env/nginx/webserver/defaults:/etc/nginx/defaults
- ./env/nginx/webserver/global:/etc/nginx/global
- ./env/nginx/ssl/:/etc/letsencrypt/
- ./env/nginx/share:/usr/share/nginx/html
- /var/run/docker.sock:/tmp/docker.sock:ro
nr_mysql:
build: ./env/mysql
networks:
- mywebapp
ports:
- 3306:3306
env_file:
- ./env/mysql/.env
volumes:
- ./data/mysql:/var/lib/mysql
- ./env/mysql/conf.d:/etc/mysql/conf.d
- ./data/dbimport/:/docker-entrypoint-initdb.d
nr_php72:
build: ./env/php72
hostname: php72
networks:
- mywebapp
depends_on:
- nr_mysql
ports:
- 9000:9000
- 8080:8080
volumes:
- ./env/composer:/home/www/.composer
- ./env/global/bashrc:/home/www/.bashrc
- ./data/bash/.bash_history:/home/www/.bash_history
- ~/.ssh:/home/www/.ssh:ro
- ~/.gitconfig:/home/www/.gitconfig:ro
- ./storage:/home/www/storage/mywebapp
- ./src:/home/www/mywebapp/src
Questions
Should the nginx-proxy replace my existing "nr_nginx" container?
Do I have remove the 80:80, 433:433 port mapping for "nr_nginx" and instead assign a random unique port of my choice e.g. 5000?
If yes to question 2, how do I tell the nginx-proxy to proxy pass to my container of port 5000?
Okay, so I think I have solved it:
No it shouldn't replace your own nginx configuration
Yes, remove ports 80 and 443 as this wil be handled by the nginx-proxy, rather expose the ports in your container.
You do not require manually configuring proxy_pass as nginx-proxy does this for you, so long as you specify a VIRTUAL_PORT environment variable.
Here is the boilerplate code that worked for me:
Boilerpalte nginx-proxy-letsencrypt-companion
docker-compose.yml:
version: "3"
services:
nginx-proxy:
image: jwilder/nginx-proxy
container_name: nginx-proxy
ports:
- "80:80"
- "443:443"
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- ./env/nginx/certs:/etc/nginx/certs
- ./env/nginx/vhost.d:/etc/nginx/vhost.d
- ./env/nginx/share:/usr/share/nginx/html
letsencrypt:
image: jrcs/letsencrypt-nginx-proxy-companion
container_name: letsencrypt
volumes:
- ./env/nginx/certs:/etc/nginx/certs
- ./env/nginx/vhost.d:/etc/nginx/vhost.d
- ./env/nginx/share:/usr/share/nginx/html
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
- NGINX_PROXY_CONTAINER=nginx-proxy
networks:
default:
external:
name: nginx-proxy
Boilerplate Nginx PHP MySQL Environment
docker-compose.yml
version: '3.1'
services:
nginx:
container_name: nginx
build: ./env/nginx
ports:
- 5000:5000
expose:
- 80
- 443
environment:
- VIRTUAL_HOST=your.domain.com,www.your.domain.com
- VIRTUAL_PORT=5000
- LETSENCRYPT_EMAIL=your#email.com
- LETSENCRYPT_HOST=your.domain.com
depends_on:
- php72
tty: true
volumes:
- ./src:/home/www/webapp/src
- ./storage:/home/www/storage/webapp
- ./data/nginx/logs:/var/log/nginx
- ./env/nginx/webserver/nginx.conf:/etc/nginx/nginx.conf
- ./env/nginx/webserver/conf.d:/etc/nginx/conf.d
- ./env/nginx/webserver/defaults:/etc/nginx/defaults
- ./env/nginx/webserver/global:/etc/nginx/global
- /var/run/docker.sock:/tmp/docker.sock:ro
mysql:
container_name: mysql
build: ./env/mysql
ports:
- 3306:3306
env_file:
- ./env/mysql/.env
volumes:
- ./data/mysql:/var/lib/mysql
- ./env/mysql/conf.d:/etc/mysql/conf.d
- ./data/dbimport/:/docker-entrypoint-initdb.d
php72:
container_name: php72
build: ./env/php72
hostname: php72
depends_on:
- mysql
ports:
- 9000:9000
volumes:
- ./env/composer:/home/www/.composer
- ./env/global/bashrc:/home/www/.bashrc
- ./data/bash/.bash_history:/home/www/.bash_history
- ~/.ssh:/home/www/.ssh:ro
- ~/.gitconfig:/home/www/.gitconfig:ro
- ./storage:/home/www/storage/webapp
- ./src:/home/www/webapp/src
networks:
default:
external:
name: nginx-proxy
/etc/nginx/conf.d/default.conf - inside "nginx" container:
server {
listen 5000;
listen [::]:5000;
server_name www.your.domain.com;
root /my/web/root/src;
index index.php;
include /any/conf/includes/here.conf;
location / {
fastcgi_param HTTPS 'on';
try_files $uri $uri/ /index.php$is_args$args;
}
}
The fastcgi_param HTTPS 'on'; conf prevents a redirect loop, you can alternatively add $_SERVER['HTTPS'] = 'on'; to your index.php
I’m having trouble with docker-compose and nginx. First, I have this docker-compose.yml:
services:
nginx:
build: ./nginx
ports:
- '8080:80'
depends_on:
- web
- api
web:
build: ./web
depends_on:
- api
api:
build: ./api
Both web (port 3000) and api (port 8000) are express servers that return WEB and API respectively. Now, inside ./nginx:
# Dockefile
FROM nginx:alpine
COPY ["default.conf", "/etc/nginx/conf.d/"]
EXPOSE 80
# default.conf
server {
location / {
proxy_pass http://web:3000;
}
location /api {
proxy_pass http://api:8000;
}
}
Now, when I go to http://localhost:8080, I get WEB, but when I go to http://localhost:8080/api, it redirects to http://localhost:1337/api/ and I get nothing (by the way, it throws a 304 error)
However, when I write this default.conf (put api in /)
# default.conf
server {
location / {
proxy_pass http://api:8000;
}
location /api {
proxy_pass http://web:3000;
}
}
I get the same result but in / I get API, so both servers work.
I don't know whether it helps you or not. I am using nginx docker image directly in my docker-compose.
for example.
docker-compose.yml
version: '3'
services:
jobsaf-server:
build:
context: .
dockerfile: Dockerfile.production
container_name: jobsaf-server
ports:
- "3000:3000"
- "5858:5858"
- "35729:35729"
- "6379:6379"
environment:
- NODE_ENV=production
networks:
- front-tier
- back-tier
depends_on:
- "redis"
- "mongo"
links:
- mongo
- redis
volumes:
- ./server:/var/www/app/jobsaf-website/server
nginx:
image: nginx:stable
depends_on:
- jobsaf-server
links:
- jobsaf-server
volumes:
- ./nginx/default.conf:/etc/nginx/conf.d/default.conf
ports:
- "0.0.0.0:80:80"
mongo:
image: mongo:latest
container_name: mongo
volumes:
- "db-data:/data/db"
environment:
- MONGO_INITDB_ROOT_USERNAME=${DB_USER}
- MONGO_INITDB_ROOT_PASSWORD=${DB_PASS}
- MONGO_INITDB_DATABASE=admin
ports:
- "0.0.0.0:27017:27017"
networks:
- back-tier
redis:
image: redis
container_name: redis
networks:
- back-tier
volumes:
db-data:
# - /data/db
networks:
front-tier:
back-tier: