How do you go on configuring another sub domain with the nginx instance inside the docker?


(Ova Light) #1

Could you provide some info this please? The moment I add another .conf file inside /etc/nginx/conf.d/ it completely ignores discourse and instead shows the “Welcome to nginx!” page in both my subdomains. Any ideas?


(Ben T) #2

Do you mean the below? You have to be running nginx outside of the docker container.


(Ova Light) #3

I saw that post . While I was able to apply it successfully I had my url be something like this:
forum.example.com:4578 . I would like the port to be invisible instead for it to be convenient… Is there a way to do that?


(Ben T) #4

You have to follow all of the steps outlined to pass the traffic from your external nginx install to that port. You’d add the linked configuration to the external nginx install.


(Ova Light) #5

I have done that and I can only visit the site like this"forum.site.com:PORT" while I need “forum.site.com” . Is there any work around for such a thing?


(Ben T) #6

You need to install and configure nginx outside of the docker container. You should not be editing the configuration of nginx inside of the container.

The external nginx will be running on port 80; which will appear “invisible” as you’ve specified. Please read over the steps carefully.


(Ova Light) #7

where do I put the conf file ? and with what name ? do I need to change this : proxy_pass http://discourse; ? @trident


(Kane York) #8

This is what I have outside the container:

root@forum:/etc/nginx/sites-available# cat discourse 
# You may add here your
# server {
#	...
# }
# statements for each of your virtual hosts to this file

##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# http://wiki.nginx.org/Pitfalls
# http://wiki.nginx.org/QuickStart
# http://wiki.nginx.org/Configuration
#
# Generally, you will want to move this file somewhere, and start with a clean
# file but keep this around for reference. Or just disable in sites-enabled.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##
server {
	listen 80;
#	listen [::]:80;
	server_name forum.riking.org;

	return 301 https://$host$request_uri;
}
server {
	listen 443 ssl spdy;
#	listen [::]:443 ssl spdy ipv6only=on;
	server_name forum.riking.org;

	ssl on;
	ssl_certificate      /var/docker/shared/standalone/ssl/ssl.crt;
	ssl_certificate_key  /var/docker/shared/standalone/ssl/ssl.key;
	ssl_session_tickets off;
	ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128:AES256:AES:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK;

	# enable SPDY header compression
	spdy_headers_comp 6;
	spdy_keepalive_timeout 300; # up from 180 secs default

	location / {
		proxy_pass https://0.0.0.0:4001;
	}
} 

In app.yml:

expose:
  - "2222:22"
  - "4001:443"

Then add more sites in /etc/nginx/sites-available and symlink them in /etc/nginx/sites-enabled.

Note that the proxy_pass is in HTTPS - the request only travels in cleartext inside the container :stuck_out_tongue:


(Ova Light) #9

can I keep 80:80 instead of - “4001:443” since I dont use ssl ? @riking

EDIT: nginx outside the container suddenly stop working and I can’t start the service back.

this is my file in sites available:

server {
    listen 80;
#listen [::]:80;
    server_name forum.blah.com;

return 301 https://$host$request_uri;
    
    location / {
        proxy_pass https://0.0.0.0:80;
    }
}


(probus) #10

How about for example, redirecting non-www to www inside docker?


(Ben T) #11

That config likely won’t work, as it’s redirecting any incoming request to a non-existent server that would be listening on port 443. You’d need to follow the entire config @riking outlined… not just bits and pieces.

I’m assuming your discourse is not pointed at a subdomain. You’d edit app.yml to add lines to the nginx server config file inside the container; I don’t have the instructions handy. Just add in another server block that looks like:


(Ova Light) #12

@trident I don’t have an ssl certificate ?


(Ova Light) #13

any additional info would be greatly appreciated @riking


(Ova Light) #14

I even did exactly what was stated above by @riking follow all the configuration to no avail


(Ova Light) #15

Do I have to delete nginx from the container?


(Kane York) #16

If you don’t need SSL, do this instead:

server {
	listen 80;
	server_name forum.riking.org;

	location / {
		proxy_pass http://0.0.0.0:4001;
	}
}

In app.yml:

expose:
  - "2222:22"
  - "4001:80"

(Kane York) #17

NO! Keep nginx running inside of the container.


(Ova Light) #18

Now I have to include the port 4001 in order to visit the site on the browser eg forum.example.com:4001


(Kane York) #19

You should be able to connect to the server_name that you specified.


(probus) #20

I’m going to need a little bit more help here. Configuring nginx isn’t the problem, but how to do that from the app.yml?