GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → hartwork → docker-ssl-reverse-proxy

hartwork / docker-ssl-reverse-proxy

Licence: other
Easy-to-use auto-SSL reverse proxy as a Docker container based on Caddy and Let’s Encrypt

Programming Languages

python
139335 projects - #7 most used programming language
Dockerfile
14818 projects
shell
77523 projects

Labels

letsencryptdockertlsssldocker-composehttpsproxydocker-imagereverse-proxycaddyreverseproxyssl-proxylets-encrypttls-proxy

Projects that are alternatives of or similar to docker-ssl-reverse-proxy

Greenlock
Automatic SSL renewal for NodeJS
Stars: ✭ 30 (+36.36%)
Mutual labels:  letsencrypt, tls, ssl, https
Ssl Proxy
🔒 Simple zero-config SSL reverse proxy with real autogenerated certificates (LetsEncrypt, self-signed, provided)
Stars: ✭ 427 (+1840.91%)
Mutual labels:  letsencrypt, tls, ssl, reverse-proxy
httpsbook
《深入浅出HTTPS:从原理到实战》代码示例、勘误、反馈、讨论
Stars: ✭ 77 (+250%)
Mutual labels:  letsencrypt, tls, ssl, https
Acme client
Java ACME Client application
Stars: ✭ 77 (+250%)
Mutual labels:  letsencrypt, tls, ssl, https
letsencrypt-www
Probably the easiest way to create | renew | deploy certificate
Stars: ✭ 27 (+22.73%)
Mutual labels:  letsencrypt, tls, ssl, https
Terraform Provider Acme Old
ACME (Let's Encrypt) Support for Terraform
Stars: ✭ 211 (+859.09%)
Mutual labels:  letsencrypt, tls, ssl
Echo
High performance, minimalist Go web framework
Stars: ✭ 21,297 (+96704.55%)
Mutual labels:  letsencrypt, ssl, https
Serverpilot Letsencrypt
Automate the installation of Let's Encrypt SSL on the free plan of ServerPilot
Stars: ✭ 129 (+486.36%)
Mutual labels:  letsencrypt, ssl, https
Acmetool
🔒 acmetool, an automatic certificate acquisition tool for ACME (Let's Encrypt)
Stars: ✭ 1,882 (+8454.55%)
Mutual labels:  letsencrypt, tls, ssl
Certmagic
Automatic HTTPS for any Go program: fully-managed TLS certificate issuance and renewal
Stars: ✭ 3,864 (+17463.64%)
Mutual labels:  letsencrypt, tls, https
Ansible Role Certbot
Ansible Role - Certbot (for Let's Encrypt)
Stars: ✭ 477 (+2068.18%)
Mutual labels:  letsencrypt, ssl, https
Manuale
A fully manual Let's Encrypt/ACME client
Stars: ✭ 201 (+813.64%)
Mutual labels:  letsencrypt, tls, ssl
Gobetween
☁️ Modern & minimalistic load balancer for the Сloud era
Stars: ✭ 1,631 (+7313.64%)
Mutual labels:  letsencrypt, tls, tls-proxy
Certes
A client implementation for the Automated Certificate Management Environment (ACME) protocol
Stars: ✭ 357 (+1522.73%)
Mutual labels:  letsencrypt, ssl, https
Acme Client
Let's Encrypt / ACME client written in PHP for the CLI.
Stars: ✭ 337 (+1431.82%)
Mutual labels:  letsencrypt, tls, ssl
Netcore Postgres Oauth Boiler
A basic .NET Core website boilerplate using PostgreSQL for storage, Adminer for db management, Let's Encrypt for SSL certificates and NGINX for routing.
Stars: ✭ 57 (+159.09%)
Mutual labels:  letsencrypt, tls, https
Docker Letsencrypt Certgen
Docker image to generate, renew, revoke RSA and/or ECDSA SSL certificates from LetsEncrypt CA using certbot and acme.sh clients in automated fashion
Stars: ✭ 64 (+190.91%)
Mutual labels:  letsencrypt, ssl, https
Guacamole Install Rhel 7
Apache Guacamole installation bash script for RHEL 7 and CentOS 7 including options for Nginx, HTTPS, SSL, LDAP, Let's Encrypt certificates and more
Stars: ✭ 174 (+690.91%)
Mutual labels:  letsencrypt, ssl, https
docker-haproxy-certbot
Dockerized HAProxy with Let's Encrypt certificates automatic renewal
Stars: ✭ 28 (+27.27%)
Mutual labels:  letsencrypt, ssl, lets-encrypt
Certify
SSL Certificate Manager UI for Windows, powered by Let's Encrypt. Download from certifytheweb.com
Stars: ✭ 1,075 (+4786.36%)
Mutual labels:  letsencrypt, ssl, https
View All Similar Projects ➔

About docker-ssl-reverse-proxy

My situation was this: I had multiple Docker containers serving websites on port 80. I wanted a single reverse proxy with SSL powered by Let's Encrypt in front of them that keeps certificates fresh and supports multiple domain names per website (e.g. with www. subdomain and without). Plain HTTP should be redirected to HTTPS on the master domain for each website, alias domains should redirect to the master domain for both HTTP and HTTPS. And that reverse proxy should also run in a Docker container.

This repository has all of that. The heavy lifting is done by Caddy and there's a small tool to generate Caddy configuration from a minimal ini-like sites.cfg file for you (see example).

Thanks to Abiola Ibrahim (@abiosoft) for sharing his Caddy 1.x.x Docker images that I build upon prior to switching to official Caddy 2.x.x Docker images.

Getting Started

  1. Create a simple sites.cfg file manually as seen in the example.

  2. Run ./Caddyfile.generate to generate Caddyfile from sites.cfg for you.

  3. Create Docker network ssl-reverse-proxy for the reverse proxy and its backends to talk:
    docker network create --internal ssl-reverse-proxy

  4. Spin up the container:
    docker-compose up -d --build

  5. Have backend containers join network ssl-reverse-proxy, e.g. as done in the proxy's own docker-compose.yml file.

  6. Enjoy.

How to write the sites.cfg file

The format is rather simple and has three options only. Let's look at this example:

[example.org]
backend = example-org:80
aliases =
    www.example.org
        example.net
    www.example.net

Section name example.org sets the master domain name that all alias domains redirect to. backend points to the hostname and port that serves actual content. Here, example-org is the name of the Docker container that Docker DNS will let us access because we made both containers join external network ssl-reverse-proxy in their docker-compose.yml files. aliases is an optional list of domain names to have both HTTP and HTTPS redirect to master domain example.org. That's it.

The Caddyfile generated from that very sites.cfg would read:

# NOTE: This file has been generated, do not edit
(common) {
    log {
        output stdout
    }
}

example.org {
    import common
    reverse_proxy example-org:80
}

example.net {
    import common
    redir https://example.org{uri}
}

www.example.net {
    import common
    redir https://example.org{uri}
}

www.example.org {
    import common
    redir https://example.org{uri}
}

Support and Contributing

If you run into issues or have questions, please open an issue ticket for that.

Please know that sites.cfg and Caddyfile.generate are not meant to cover much more than they already do. If it grows as powerful as Caddyfile we have failed.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].