Originally, I have a website with nginx and Ubuntu 20.04 port at 80(http) and 443(https), the URL is https://mysite.cc (It works well)
And now, I want to set another site with Spring Cloud (Docker) with the URL https://new.mysite.cc
How to set the nginx or the docker of Spring cloud?
Right now, all of the two sites can separatly work well, but how to integrate with them together in one Ubuntu server?
The config of nginx of https://mysite.cc is:
server { server_name mysite.cc; root /var/www; index index.html index.htm index.nginx-debian.html; location / { try_files $uri $uri/ /index.html; } listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/mysite.cc/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/mysite.cc/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot}server { if ($host = mysite.cc) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; listen [::]:80; server_name mysite.cc; return 404; # managed by Certbot}The new site is docker with spring cloud, the part of config file docker-compose.yml is like:
(Right now, it works at http://localhost)
version: "3"services: newsite-nacos: image: nacos/nacos-server:1.4.2 container_name: newsite-nacos restart: always ports: - ${NACOS_PORT:-8848}:8848 healthcheck: test: curl -f http://${NACOS_HOST:-172.20.0.4}:8848/nacos/index.html || exit 1 interval: 6s timeout: 10s retries: 10 networks: newsite-network: ipv4_address: ${NACOS_HOST:-172.20.0.4} newsite-backend: . ports: - ${BACKEND_PORT:-6688}:${BACKEND_PORT:-6688} networks: newsite-network: ipv4_address: ${BACKEND_HOST:-172.20.0.5} newsite-frontend: image: .. container_name: newsite-frontend restart: always environment: - SERVER_NAME=localhost - BACKEND_SERVER_HOST=${BACKEND_HOST:-172.20.0.5} - BACKEND_SERVER_PORT=${BACKEND_PORT:-6688} - USE_HTTPS=false ports: - "80:80" - "443:443" networks: newsite-network: ipv4_address: 172.20.0.6 networks: newsite-network: driver: bridge ipam: config: - subnet: ${SUBNET:-172.20.0.0/16}Advertisement
Answer
You can setup another server block in your nginx configuration to make it work as a proxy.
You should also change exposed ports for the dockerized application not to collide with the first one.
So change this:
ports: - "80:80" - "443:443"Into for example this:
ports: - "8088:80"Proxied communication on one machine doesn’t need to be enciphered as the https config would be set up on the proxy (nginx)
Then the server block could look similarly as this:
server { server_name new.mysite.cc; location / { proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; // the port has to match the exposed one of the spring app proxy_pass http://127.0.0.1:8088; proxy_read_timeout 90; } listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/mysite.cc/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/mysite.cc/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot}I am not mentioning obtaining of the TLS certificate, as you managed to do that for the first application and the process is equal.