Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Document Docker + NGINX HTTPS config #407

Closed
cdubz opened this issue Feb 28, 2022 · 0 comments
Closed

Document Docker + NGINX HTTPS config #407

cdubz opened this issue Feb 28, 2022 · 0 comments
Labels
documentation Issues relating to documentation enhancement Feature requests or improvements to existing functionality task Specific non-feature things to do that don't require debugging

Comments

@cdubz
Copy link
Member

cdubz commented Feb 28, 2022

Hey @cdubz thanks a ton again for this.

I did modify my docker-compose to work with this and I now have HTTPS! For others who may need this, or if you want to add this to future docs, my docker-compose looks like the following:

version: "3.9"
services:
  babybuddy:
    image: ghcr.io/linuxserver/babybuddy:latest
    container_name: babybuddy
    volumes:
      - ./appdata:/config
    restart: unless-stopped
    env_file: .env
  babybuddy-nginx:
    image: nginx
    container_name: babybuddy-nginx
    volumes:
      - ./nginx.conf:/etc/nginx/nginx.conf
      - ./nginx_logs:/var/log/nginx
      - ./certs:/certs
    ports:
      - 18000:18000
    depends_on:
      - babybuddy

I decided to listen in on 18000 (to avoid conflicts w/ another port 8000 service I have)
I have self-signed certificates since I host this on my own network instead of on a public domain. I placed the self-signed certs in the certs directory in the same folder as the project. Here's the nginx.conf file I placed (replaced the domain with the example in the docs for convenience):

user  nginx;
worker_processes  auto;

error_log  /var/log/nginx/error.log notice;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';
    sendfile        on;
    keepalive_timeout  65;

    server_tokens               off;
    access_log                  /var/log/nginx/babybuddy.access.log;
    error_log                   /var/log/nginx/babybuddy.error.log;

    server {
        server_name         babybuddy.example.com;
        listen              18000 ssl;
        ssl_certificate     /certs/babybuddy.example.com.crt;
        ssl_certificate_key /certs/babybuddy.example.com.key;
        location / {
            proxy_pass              http://babybuddy:8000;
            proxy_set_header        Host $host;
        }
    }
}

Lastly, here's my .env file:

SECURE_PROXY_SSL_HEADER=True
CSRF_TRUSTED_ORIGINS="https://babybuddy.example.com:18000"
DEBUG=1

I hope this helps someone else who wants to run nginx behind docker-compose instead of a full blown service, and thanks again cdubz for the quick responses :)

Originally posted by @bugbountyguy in #406 (comment)
@cdubz cdubz added documentation Issues relating to documentation enhancement Feature requests or improvements to existing functionality task Specific non-feature things to do that don't require debugging labels Feb 28, 2022
@cdubz cdubz closed this as completed in 428a515 Feb 28, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
documentation Issues relating to documentation enhancement Feature requests or improvements to existing functionality task Specific non-feature things to do that don't require debugging
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@cdubz