Skip to content
nginx proxy with free ssl cert by acme.sh
Shell Dockerfile
Branch: master
Clone or download
neilpang
neilpang support tls 1.3
Latest commit 6611197 Jul 2, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
Dockerfile support tls 1.3 Jul 2, 2019
Dockerfile.alpine support tls 1.3 Jul 2, 2019
Procfile init Jun 27, 2019
README.md update Jul 2, 2019
nginx.tmpl fix stream.d Jul 2, 2019
updatessl.sh init Jun 27, 2019

README.md

Based on https://github.com/jwilder/nginx-proxy

A new env varaible ENABLE_ACME is added to use acme.sh to generate free ssl cert from letsencrypt.

All the other options are the same as the upstream project: https://github.com/jwilder/nginx-proxy

It's very easy to use:

1. Run nginx reverse proxy

docker run  \
-p 80:80 \
-p 443:443 \
-it  -d --rm  \
-v /var/run/docker.sock:/tmp/docker.sock:ro  \
-v $(pwd)/proxy/certs:/etc/nginx/certs \
-v $(pwd)/proxy/acme:/acmecerts \
-v $(pwd)/proxy/conf.d:/etc/nginx/conf.d \
-v $(pwd)/vhost.d:/etc/nginx/vhost.d \
-v $(pwd)/stream.d:/etc/nginx/stream.d \
-v $(pwd)/dhparam:/etc/nginx/dhparam \
--name proxy \
neilpang/nginx-proxy

It's recommended to run with --net=host option, like:

docker run  \
-it  -d --rm  \
-v /var/run/docker.sock:/tmp/docker.sock:ro  \
-v $(pwd)/proxy/certs:/etc/nginx/certs \
-v $(pwd)/proxy/acme:/acmecerts \
-v $(pwd)/proxy/conf.d:/etc/nginx/conf.d \
-v $(pwd)/vhost.d:/etc/nginx/vhost.d \
-v $(pwd)/stream.d:/etc/nginx/stream.d \
-v $(pwd)/dhparam:/etc/nginx/dhparam \
--name proxy \
--net=host \
neilpang/nginx-proxy

For a docker compose v2 or v3 project, every project has a dedicated network, so, you must use --net=host option, so that it can proxy any projects on you machine.

Docker Compose

version: '2'

services:
  nginx-proxy:
    image: neilpang/nginx-proxy
    ports:
      - "80:80"
      - "443:443"
      volumes:
        - /var/run/docker.sock:/tmp/docker.sock:ro
        - ./proxy/certs:/etc/nginx/certs
        - ./proxy/acme:/acmecerts
        - ./proxy/conf.d:/etc/nginx/conf.d
        - ./proxy/vhost.d:/etc/nginx/vhost.d \
	      - ./proxy/stream.d:/etc/nginx/stream.d \
	      - ./proxy/dhparam:/etc/nginx/dhparam \
      network_mode: "host"

2. Run an internal webserver

docker run -itd --rm \
-e VIRTUAL_HOST=foo.bar.com \
-e ENABLE_ACME=true \
httpd
You can’t perform that action at this time.