mirror of https://github.com/tiyn/wiki
parent
f74687732c
commit
9093d9cfcc
@ -1,9 +1,19 @@
|
|||||||
# Nginx
|
# Nginx
|
||||||
|
|
||||||
The easiest way to configure and run nginx is [ncdt](https://github.com/nasourso/nginx-certbot-docker-tui) by nasourso.
|
The easiest way to configure and run nginx is [ncdt](https://github.com/nasourso/nginx-certbot-docker-tui) by nasourso.
|
||||||
So the first step is downloading it.
|
So the first step is downloading it.
|
||||||
|
|
||||||
```wget https://raw.githubusercontent.com/nasourso/nginx-certbot-docker-tui/master/src/ncdt.sh```
|
`wget https://raw.githubusercontent.com/nasourso/nginx-certbot-docker-tui/master/src/ncdt.sh`
|
||||||
|
|
||||||
You can just run the script and it will install all needed dependencies.
|
You can just run the script and it will install all needed dependencies.
|
||||||
After that just go ahead and start the container.
|
After that just go ahead and start the container.
|
||||||
You can then configure reverse proxies by adding websites.
|
You can then configure reverse proxies by adding websites.
|
||||||
|
|
||||||
|
## Block remote port access
|
||||||
|
|
||||||
|
If you configured a reverse proxy to a port chances are you don't want the port to be accessed outside of the proxy.
|
||||||
|
Especially if you set up a authentication over nginx the open port will avoid the authentication.
|
||||||
|
This can be changed at the forwarded docker-service by replacing for example `-p 7000:7000` with `-p 172.17.0.1:7000:7000`.
|
||||||
|
This forces the docker container to only expose the port in the docker bridge network, effectively banning remote access.
|
||||||
|
|
||||||
|
|
||||||
|
Loading…
Reference in new issue