Repository files navigation

This example has been tested with Docker and DigitalOcean VPS

This documentation is a how-to to make a VPS host multiple websites domain and subdomain using NGINX and docker.PR are allowed, and anyone who wish to update this documentation need tofork andsubmit a PR.

You will learn

• How to create a NGINX reverse proxy
• Implement Let's encrypt for SSL certificate
• Using two distinct docker container to display on a domain and subdomain

Before starting to setup your VPS, you need to manage your domain, and subdomain

On cloudflare, or DigitalOcean, create 2 two records of:

• type A, having a hostnameany particular name, which directs to yourVPS IP

eg:subdomain.domain.comdomain.com

Now you've set your records, we need to manually set your nameservers. It depends on your domain provider. DigitalOcean gives a documentation on the matter, here is thelink.

Once you've added your nameservers, you can check if the DNS propagation has been completedhere. This will tell you if your IP and DNS are in sync.

Now that you've created your records, we can now start to manage our NGNIX stuffs.

• Log into your Server via SSH as the root user.

  ssh root@hostname-server

• Use apt-get to update your Server.

  root@hostname-server:~# apt-get update

• Install nginx.

  root@hostname-server:~# apt-get install nginx

• Nginx may not start automatically, so you can to use the following command. Other valid options are "stop" and "restart".

 sudo /etc/init.d/nginx start

• Check if all is okay by browsing at your domain name or IP address. You should see the default NGINX page.

We don't need NGINX page as web server here, we just need NGINX as areverse proxy.

rm /etc/nginx/sites-enabled/default

Next we will add files to ourconf.d folder.

For this example, we will use 2 types of dockerized backend;

• A static website server
• A nodeJS server

First off, we need to install docker-compose to be able to run our docker-compose files.

apt install docker-compose

.├── Dockerfile├── docker-compose.yml└── index.html

cd~mkdir static-server

1. Create staticindex.html file

cat<<EOF >> index.html<h1>Hello World</h1>EOF

2. Create aDockerfile file

cat<<EOF >> DockerfileFROM nginx:alpineCOPY . /usr/share/nginx/htmlEOF

3. Create adocker-compose.yml file

# this will create a docker, named static-web, exposed on port 8000cat<<EOF >> docker-compose.ymlversion: '2'services:  static-web:    build: .    ports:     - "8000:80"EOF

If you've got the structure right. Now typedocker-compose up -d and you can do adocker ps to see if the container is running.

To stop the container, dodocker-compose stop

This didn't come from my personal knowledge, but it can be found onthis blog post. For this nodeJS webserver willuse this github README I've foundhere.

.├── Dockerfile├── docker-compose.yml└── index.js

The code is found above.To stop the swarm you can dodocker swarm leave, if it is theleader, (checkcommand here.), you need to add--force flag.This will force the leader the leave the swarm and terminate the service.

If one day, you need to do some dockerclean up on your server, checkout thislink.Or if you need toerase everything, usedocker system prune -a if somehow you want to start over.

You've set up your containers ! We will now manage our NGINX to do adomain andsubdomain for our server.

Now let's write our configuration files:

# let's get inside conf.d foldercd /etc/ngnix/conf.d

# conf file for our domain.comcat<<EOF >> domain.confserver {  listen 80;  listen [::]:80;  server_name domain.com;  location / {proxy_pass http://static_server_ip/;proxy_buffering off;proxy_set_header Host$host;proxy_set_header X-Real-IP\$remote_addr;  }}EOF

# conf file for our subdomain.domain.comcat<<EOF >> subdomain.domain.confserver {  listen 80;  listen [::]:80;  server_name subdomain.domain.com;  location / {proxy_pass http://nodejs_server_ip/;proxy_buffering off;proxy_set_header Host$host;proxy_set_header X-Real-IP\$remote_addr;  }}EOF

Don't forget to replace the proxyproxy_pass with your servers specific IP.

Runnginx -t to check if everything is OK.The result should be:

nginx: the configuration file /etc/nginx/nginx.conf syntax is oknginx: configuration file /etc/nginx/nginx.conftest is successful

Runln -s /etc/ngnix/conf.d/domain.conf /etc/nginx/sites-enabled/ to enable to website.

And now, you can reload withservice nginx reload.

Now go on your browser, point on yourdomain.com and yoursubdomain.domain.com and all should be fine.

Don't forget to run the servers.First get inside each folder respectively,For static server is:docker-compose up -d

The static website container will run on port 8000

For nodeJS in swarm mode:

docker build -t testimony.docker swarm init

• It may happen that prompt you to choose an IP.
• In this case, you can add--advertise-addr flag following with the IP of your choice, but preferably use thelocal IP of your server.

# Finally you run this:docker stack deploy --compose-file=docker-compose.yml production

The nodeJS container will run on port 85

We will generate an SSL certificate for our domain and subdomain, for that we will useLet's encrypt. It is a free SSL certificate provider. But the work is a bit complicated to set up, so we will useCertbot to leverage our work on this.

First off, we will find the version of our system, for my case, I'm using Ubuntu:

lsb_release -a

Result:

Distributor ID: UbuntuDescription:    Ubuntu 18.04.3 LTSRelease:        18.04Codename:       bionic

Now navigate toCertbot website, and choose accordingly to the information you've got from finding your Operating System version, but don't forget to specify you are usingNginx.

Follow along, until you reachstep 4: "Either get and install your certificates..." part, where you issue a certificate.

At this step, you will see:

certbot --nginx

Just follow along, and just fill in, then when it asks to redirect or no, select option 2 where it says **Redirect - Make all requests redirect to secure HTTPS access. **.

Now you are done !

Go check your files in/etc/nginx/conf.d/xxx.confYou will notice that certbot automatically, and respectively added a configured SSL certificates for our domain and subdomain.Note: It must beregenerated every 3 months.

Server Configuration

/etc/nginx: The Nginx configuration directory. All of the Nginx configuration files reside here./etc/nginx/nginx.conf: The main Nginx configuration file. This can be modified to make changes to the Nginx global configuration./etc/nginx/sites-available/: The directory where per-site server blocks can be stored. Nginx will not use the configuration files found in this directory unless they are linked to the sites-enabled directory. Typically, all server block configuration is done in this directory, and then enabled by linking to the other directory./etc/nginx/sites-enabled/: The directory where enabled per-site server blocks are stored. Typically, these are created by linking to configuration files found in the sites-available directory./etc/nginx/snippets: This directory contains configuration fragments that can be included elsewhere in the Nginx configuration. Potentially repeatable configuration segments are good candidates for refactoring into snippets.

Server Logs

/var/log/nginx/access.log: Every request to your web server is recorded in this log file unless Nginx is configured to do otherwise./var/log/nginx/error.log: Any Nginx errors will be recorded in this log.