deploy-with-https.mo

Control points

Prerequisites

Steps (~15 min)

Install the nginx-proxy companion (~5 min)

  • Connect to your server ssh user@your.domain

  • Clone the nginx-proxy-companion project on the server at the root of the server.

git clone git@github.com:evertramos/docker-compose-letsencrypt-nginx-proxy-companion.git
  • Create a .env file

cd docker-compose-letsencrypt-nginx-proxy-companion
cp ./.env.sample .env
  • Set the NGINX_FILES_PATH=/srv/nginx/data in the .env

    • vim ./.env

    • line 41 replace NGINX_FILES_PATH=/srv/nginx/data(or a different path if you prefer)

Configure your project to use the companion (~5 min)

  • Remove the binding 80 port command, but expose it

version: '3'
services: 
  your-web-app: #It should contain port: "80:80"
    # ... 
-   ports:
-     - "80:80"
+   expose:
+     - 80
  • Configure the app to use the network created by the companion (webproxy is the default name)

version: '3'
services: 
    # ... 

+networks:
+  default:
+     external:
+        name: webproxy
  • In your project set 3 environment variable: VIRTUAL_HOST, LETSENCRYPT_HOST, LETSENCRYPT_EMAIL. The email will be used by Letsencrypt to notify you if the certificate expire.There are 2 ways:

    • In the docker-compose file

    • In your prod.env file that is read by your Dockerfile.

RECOMENDED WAY

Update the .env file of your web-app docker

  • In the ./env/prod.env add the following:

#... other env variable
+ VIRTUAL_HOST=my.domain.cloud.bam.tech
+ LETSENCRYPT_HOST=my.domain.cloud.bam.tech
+ LETSENCRYPT_EMAIL=your@email.com

Make the switch (~5 min)

  • Cut your app docker:

cd your-project-directory
docker-compose -f docker-compose-prod.yml down
  • Start the companion (go to the companion directory):

cd ../docker-compose-letsencrypt-nginx-proxy-companion
./start.sh
  • Launch your project docker again:

cd -
docker-compose -f docker-compose-prod.yml up -d

Last updated