mirror of https://github.com/tiyn/wiki
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
32 lines
1.1 KiB
32 lines
1.1 KiB
5 years ago
|
# Nginx
|
||
|
5 years ago
|
|
||
|
5 years ago
|
## Setup Server
|
||
|
|
|
||
|
|
### Docker
|
||
|
|
|
||
|
5 years ago
|
The easiest way to configure and run nginx is [ncdt](https://github.com/nasourso/nginx-certbot-docker-tui) by nasourso.
|
||
|
|
So the first step is downloading it.
|
||
|
|
|
||
|
5 years ago
|
`wget https://raw.githubusercontent.com/nasourso/nginx-certbot-docker-tui/master/src/ncdt.sh`
|
||
|
5 years ago
|
|
||
|
|
You can just run the script and it will install all needed dependencies.
|
||
|
|
After that just go ahead and start the container.
|
||
|
|
You can then configure reverse proxies by adding websites.
|
||
|
5 years ago
|
|
||
|
5 years ago
|
#### Block remote port access
|
||
|
5 years ago
|
|
||
|
|
If you configured a reverse proxy to a port chances are you don't want the port to be accessed outside of the proxy.
|
||
|
|
Especially if you set up a authentication over nginx the open port will avoid the authentication.
|
||
|
|
This can be changed at the forwarded docker-service by replacing for example `-p 7000:7000` with `-p 172.17.0.1:7000:7000`.
|
||
|
|
This forces the docker container to only expose the port in the docker bridge network, effectively banning remote access.
|
||
|
|
|
||
|
5 years ago
|
#### Rebuild
|
||
|
5 years ago
|
|
||
|
5 years ago
|
```
|
||
|
|
#!/bin/sh
|
||
|
|
docker-compose down
|
||
|
|
docker pull nginx:latest
|
||
|
|
docker pull certbot/certbot:latest
|
||
|
|
docker-compose up -d
|
||
|
|
```
|