Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

need help with get nginx-proxy work with portainer #705

Closed
yangxuan8282 opened this issue Feb 5, 2017 · 6 comments
Closed

need help with get nginx-proxy work with portainer #705

yangxuan8282 opened this issue Feb 5, 2017 · 6 comments

Comments

@yangxuan8282
Copy link

yangxuan8282 commented Feb 5, 2017
edited

hi, anyone have managed to get nginx-proxy work with portainer, would you mind share the docker-compose file?
I'm trying to run nginx-proxy and portainer on raspberry pi 3, but failed.

below is my environment:

          ssh tunnel
    pi:80-----------> server:80

The pi 80 port forward to a server with public ip 80 port, use ssh tunnel.
Visit domain name which point to server (redirect to pi) got 503 in browser, according to other issues, seems this means nginx-proxy is working. And I can see the nginx-proxy response in terminal.
Then I start the nginx-proxy with docker-compose up:

Nginx Proxy Compose

version: "2"
services:
  nginx-proxy:
    image: yangxuan8282/rpi-nginx-proxy
    container_name: nginx-proxy
    restart: always
    ports:
      - "80:80"
    volumes:
      - "/var/run/docker.sock:/tmp/docker.sock:ro"
    environment:
      - DEFAULT_HOST=mydomain.com
networks:
  default:
    external:
      name: proxy-network

Portainer Compose

version: '2'
services:
  portainer:
    image: portainer/portainer:arm
    container_name: Portainer
    expose:
      - 9000
    ports:
      - 9000:9000
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock"
    environment:
      - VIRTUAL_HOST=app.mydomain.com
      - VIRTUAL_PORT=9000
      - VIRTUAL_NETWORK=proxy-network

networks:
  default:
    external:
      name: proxy-network

As you can see from the compose file, I want to access portainer with app.mydomain.com.
Visit http://raspberrypi:9000 the portainer is here. But when I visit app.mydomain.com got no repose.
@bjoernbusch
Copy link

Could you please show the content of your default.conf file in the nginx-proxy?

docker exec -it nginx-proxy cat /etc/nginx/conf.d/default.conf

@yangxuan8282
Copy link
Author

default.conf

# If we receive X-Forwarded-Proto, pass it through; otherwise, pass along the
# scheme used to connect to this server
map $http_x_forwarded_proto $proxy_x_forwarded_proto {
  default $http_x_forwarded_proto;
  ''      $scheme;
}
# If we receive X-Forwarded-Port, pass it through; otherwise, pass along the
# server port the client connected to
map $http_x_forwarded_port $proxy_x_forwarded_port {
  default $http_x_forwarded_port;
  ''      $server_port;
}
# If we receive Upgrade, set Connection to "upgrade"; otherwise, delete any
# Connection header that may have been passed to this server
map $http_upgrade $proxy_connection {
  default upgrade;
  '' close;
}
# Set appropriate X-Forwarded-Ssl header
map $scheme $proxy_x_forwarded_ssl {
  default off;
  https on;
}
gzip_types text/plain text/css application/javascript application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
log_format vhost '$host $remote_addr - $remote_user [$time_local] '
                 '"$request" $status $body_bytes_sent '
                 '"$http_referer" "$http_user_agent"';
access_log off;
# HTTP 1.1 support
proxy_http_version 1.1;
proxy_buffering off;
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $proxy_connection;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $proxy_x_forwarded_proto;
proxy_set_header X-Forwarded-Ssl $proxy_x_forwarded_ssl;
proxy_set_header X-Forwarded-Port $proxy_x_forwarded_port;
# Mitigate httpoxy attack (see README for details)
proxy_set_header Proxy "";
server {
	server_name _; # This is just an invalid value which will never trigger on a real hostname.
	listen 80;
	access_log /var/log/nginx/access.log vhost;
	return 503;
}
# app.mydomain.com
upstream bfa5c9899066853d7559a0e12d5139a03814885c {
				## Can be connect with "proxy-network" network
			# Portainer
			server 172.21.0.3:9000;
}
server {
	server_name app.mydomain.com;
	listen 80 ;
	access_log /var/log/nginx/access.log vhost;
	location / {
		proxy_pass http://bfa5c9899066853d7559a0e12d5139a03814885c;
	}
}

@yangxuan8282
Copy link
Author

visit app.mydomain.com got:

ERR_NAME_NOT_RESOLVED

@yangxuan8282
Copy link
Author

It turn out the issues is not related to nginx-proxy, it's my domain name dns setting problems.
Need to edit it to a wildcard DNS record:

      from                to
@.mydomain.com ---> *.mydomain.com

otherwise the DNS server will only resolve exactly match mydomain.com

sorry for disrupt, I'm not really familiar with network stuff.

@yangxuan8282
Copy link
Author

seems get portainer work with nginx-proxy is not out of box, need some tweaks
according to issues/348 on portainer, we need to add vhost config file for portainer

first create a folder in same directory with nginx-proxy docker-compose.yml to hold config:

mkdir -p vhost.d

edit nginx-proxy docker-compose.yml , so it look like:

version: "2"
services:
  nginx-proxy:
    image: yangxuan8282/rpi-nginx-proxy
    container_name: nginx-proxy
    restart: always
    ports:
      - "80:80"
    volumes:
      - "/var/run/docker.sock:/tmp/docker.sock:ro"
      - "./vhost.d:/etc/nginx/vhost.d/app.mydomain.com"

networks:
  default:
    external:
      name: proxy-network

add config file for portainer (my subdomain for portainer is app):

cat > ./vhost.d/app.mydomain.com << "EOF"
proxy_http_version 1.1;
proxy_set_header Connection "";
EOF

so the folder hold nginx-proxy compose file look like this:

$ tree nginx-proxy/
nginx-proxy/
├── docker-compose.yml
└── vhost.d
    └── app.mydomain.com

1 directory, 2 files

then start the nginx-proxy:

docker-compose up

finally start the portainer

now you can access portainer at app.mydomain.com

@ovizii
Copy link

ovizii commented Apr 20, 2017

This solution contradicts: portainer/portainer#348

here is suggested to use

└── vhost.d
└── app.mydomain.com

while the other linked issue suggests to use:

└── vhost.d
└── app.mydomain.com_location

None of these two work for me. After reading https://portainer.readthedocs.io/en/latest/faq.html#how-can-i-configure-my-reverse-proxy-to-serve-portainer it looks like one also needs to add another location:

  location /portainer/api/websocket/ {
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "upgrade";
      proxy_http_version 1.1;
      proxy_pass http://portainer/api/websocket/;
  }

Could someone clarify how to add this via the proxy?

@ovizii ovizii mentioned this issue Apr 20, 2017
Closed
@AlphaComposite AlphaComposite mentioned this issue Apr 26, 2020
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@ovizii @yangxuan8282 @bjoernbusch