This container proxies web traffic from internal systems with SSL/TLS encryption.
Typical usage would be deployed with a helm chart deployed application in Kubernetes/Docker that does not support SSL natively.
graph LR;
subgraph NGINX Container;
Nginx
SSL(SSL Certificate) -->Nginx;
end
Client <-- 443 --> Nginx(Nginx Proxy);
Nginx <-- HTTP/HTTPS --> Backend(Primary Backend System);
Nginx <-- HTTP/HTTPS --> Backend2(Optional Backend Systems);
The following environmental variables need to be specified:
- HTTPS_PORT - Defaults to port 443 but is the port used by the container to listen to HTTPS requests.
Container volume:
- /ssl - A volume that holds the ssl certificate and key. The file names must be: ssl.crt and ssl.key. Built into the image is a default self signed certificate that may be used if needed, simply don't apply the volume.
- /nginx - A volume containing a set of proxy location configurations. Each must be named with a file suffix of *.location. The template is proxy.locations.
docker build -t nginx-ingress:latestHTTPS_PORT=443
Utilize proxy.locations as a template for each location. At least the root "/" needs to be specified.
docker run -p 443:443 -v ${PWD}/ssl:/ssl -v ${PWD}/conf:/etc/nginx/conf.d --env-file sample.env nginx-ingress:latestversion: '3'
services:
sslgateway:
container_name: sslgateway
image: nginx-proxy:latest
ports:
- '443:443'
environment:
- HTTPS_PORT=443
volumes:
- './ssl:/ssl'
- "./nginx:/etc/nginx/conf.d"
restart: always