1

I'm using something like this docker-compose.yml file.

version: '3'
services:
  httpd:
    image: httpd:alpine
    environment:
      - VIRTUAL_HOST=example.com,www.example.com
      - LETSENCRYPT_HOST=example.com,www.example.com
      - LETSENCRYPT_EMAIL=name@example.com
    ports:
      - '1080:80'
  proxy:
    container_name: my_proxy
    image: jwilder/nginx-proxy:alpine
    ports:
      - '80:80'
      - '443:443'
    volumes:
      - '/var/run/docker.sock:/tmp/docker.sock:ro'
      - './volumes/proxy/letsencrypt:/etc/nginx/certs:ro'
      - './volumes/proxy/vhost:/etc/nginx/vhost.d'
      - './volumes/proxy/html:/usr/share/nginx/html'
  letsencrypt:
    image: jrcs/letsencrypt-nginx-proxy-companion
    environment:
      - NGINX_PROXY_CONTAINER=my_proxy
      - DEFAULT_EMAIL=name@example.com
    volumes:
      - '/var/run/docker.sock:/var/run/docker.sock:ro'
      - './volumes/proxy/letsencrypt:/etc/nginx/certs'
      - './volumes/proxy/vhost:/etc/nginx/vhost.d'
      - './volumes/proxy/html:/usr/share/nginx/html'

I have following 301 redirections (and two certificates, one for example.com and one for www.example.com).

This is ok, but I have I'm trying to get following 301 redirections (with only one certificate for the domain www.example.com).

Is it possible to do that using this docker images ?

MB4E
  • 121
  • 5
  • I had written (now deleted) an answer but realised it may not work when I how different the docker image configuration was. I'm only letting you know via a comment in case you got an email telling you there is an answer :( – Admiral Noisy Bottom May 02 '20 at 00:16
  • yes I saw the answer and the problem is to manage to produce this result with this docker image, which offers several possible customizations. – MB4E May 02 '20 at 00:20
  • Unfortunately I know diddly-squat about Docker stuff, which I think came out with Centos 8. However, I will look into it because I do like to learn new stuff. Despite doing this for 30 years we can always learn new things. :) I'll get back to you if I find anything. – Admiral Noisy Bottom May 02 '20 at 01:30
  • This may or not be useful to you. https://docs.nginx.com/nginx/admin-guide/installing-nginx/installing-nginx-docker/#manage – Admiral Noisy Bottom May 02 '20 at 01:38
  • It looks like I have found a working solution, but which may be to be improved. – MB4E May 02 '20 at 01:53

1 Answers1

1

Here is a working solution, with the following new docker-compose.yml file.

version: '3'
services:
  httpd:
    image: httpd:alpine
    environment:
      - VIRTUAL_HOST=www.example.com
      - LETSENCRYPT_HOST=example.com,www.example.com
      - LETSENCRYPT_EMAIL=name@example.com
    ports:
      - '1080:80'
  proxy:
    container_name: my_proxy
    image: jwilder/nginx-proxy:alpine
    ports:
      - '80:80'
      - '443:443'
    volumes:
      - '/var/run/docker.sock:/tmp/docker.sock:ro'
      - './volumes/config/proxy/nginx.conf:/etc/nginx/conf.d/example.conf:ro'
      - './volumes/proxy/letsencrypt:/etc/nginx/certs:ro'
      - './volumes/proxy/vhost:/etc/nginx/vhost.d'
      - './volumes/proxy/html:/usr/share/nginx/html'
  letsencrypt:
    image: jrcs/letsencrypt-nginx-proxy-companion
    environment:
      - NGINX_PROXY_CONTAINER=my_proxy
      - DEFAULT_EMAIL=name@example.com
    volumes:
      - '/var/run/docker.sock:/var/run/docker.sock:ro'
      - './volumes/proxy/letsencrypt:/etc/nginx/certs'
      - './volumes/proxy/vhost:/etc/nginx/vhost.d'
      - './volumes/proxy/html:/usr/share/nginx/html'

And here is the content of ./volumes/config/proxy/nginx.conf file.

server {
    server_name example.com;
    listen 80 ;
    listen [::]:80 ;
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    return 301 https://www.$host$request_uri;
    ssl_certificate /etc/nginx/certs/default.crt;
    ssl_certificate_key /etc/nginx/certs/default.key;
}

I don't know if it's possible to redirect https://example -> https://www.example.com without using this default ssl certificates.

MB4E
  • 121
  • 5
  • When testing your config make sure you clear the nginx cache. I have read about, and experienced, issues with listening with http2. If you do have issues, remove the http2, clear the cache and try again. – Admiral Noisy Bottom May 02 '20 at 02:27
  • Is it better to remove http2 in nginf.conf file ? And ssl ? – MB4E May 02 '20 at 08:08
  • SSL can stay without a doubt and perhaps http2 if you don't have any issues. The issue I had was when I visited my site my browser popped up the download dialogue window to download it rather than view it. I'd test it with http2 after clearing the cache. I thought mine was working until the cache expired :( – Admiral Noisy Bottom May 02 '20 at 08:42