Skip to content

Nginx Configuration on Virtual Machine

Jump to bottom
Gabriela Guedes edited this page Jun 24, 2019 · 3 revisions

This document is also available in Portuguese

1. Create NGINX configuration file

1.1 Create directories

Create the directories that will be used.

mkdir data

cd data

mkdir nginx

1.2 Create the subdomain on Gandi.net

Access https://www.gandi.net/en

  • Create the domain, on domain section, using the machine's external IP address.

1.3 Create the NGINX configuration file

Create the file at /nginx/data/nginx then replace the placeholder values. Replace projectname with the name of your project. Change the server name from example.org to your own domain, using your server's IP/port.

upstream projectname {
    server 10.0.0.10:8000;
}
server {
    listen 80;
    server_name example.org;
    location / {
        return 301 https://$host$request_uri;
    }

    location /.well-known/acme-challenge/ {
        root /var/www/certbot;
    }
}
server {
    listen 443 ssl;
    server_name example.org;

    location / {
        proxy_pass http://projectname;  
    }
    ssl_certificate /etc/letsencrypt/live/example.org/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.org/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}

2.0 NGINX's docker-compose configuration

Create the docker-compose.yml file on the ~/nginx directory.

Then add the following configurations to the file.

version: '3'
services:
  nginx:
    image: nginx:1.15-alpine
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./data/nginx:/etc/nginx/conf.d
      - ./data/certbot/conf:/etc/letsencrypt
      - ./data/certbot/www:/var/www/certbot
    # command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'"
  certbot:
    image: certbot/certbot
    volumes:
      - ./data/certbot/conf:/etc/letsencrypt
      - ./data/certbot/www:/var/www/certbot
    # entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"

3.0 Create the certificate

3.1 Create the certificate generation file

Create a new file called init-letsencrypt.shon the ~/nginx path. Add the content bellow to the new file for certificate generation. Link to access the script to be added

Change the domain to the domain created on Gandi.net.

3.2 Generate Certificate

Set the file as executable, with:

chmod a+x init-letsencrypt.sh

Run the script to generate the certificate.

./init-letsencrypt.sh

To verify registration info about a domain, host or IP DNS, run the command bellow. Use your domain info.

nslookup example.org

The result should be like this

Server:		0.0.0.0
Address:	0.0.0.0#53

Non-authoritative answer:
Name:	example.org
Address: 192.168.0.0

4.0 Run the project

Run the project with the command sudo docker-compose up --build -d Open the browser and insert your domain. You should be redirected to the application page.

Clone this wiki locally