Thanks for watching! I've been criticized for not talking about security or performance or other things, but I figure smart people just want to get it working, and once it's working, they can figure out the details. Keeps these videos short and to the point. Having said that, make sure you harden your proxies before deployment!
CONGRATULATIONS, VERY GOOD VIDEO. I have a question how I could do it with docker compose by creating a letsencrypt container to make the https certificates and view them through no-ip. Could you please advise me?
Oh boy, you're are playing this docker compose game on expert level! I'm not sure if I can answer that with certainty, as I always get blocked with SSL connections and I haven't used letsencrypt. Maybe ask on stackoverflow and tag me? I'd love to see what the experts have to say!
thanks. But i have question, is this app is running on another container or in our system.? What if this app run on another container just like tomcat etc?
What if, the application is running at :8080/. What I want is configure the nginx reverse-proxy such that if I request localhost/example; it redirects to the application running on port 8080. I have tried location /example and proxy_pass :8080/; But it is not working. Any help?
You've probably already figured this out, but ill comment for anyone else who has trouble Modify the docker run command to bind the container port 8080 to the desired host machines port. In this case I'm using port 80 "sudo docker run -d --name nginx-base -p 80:8080 nginx:latest" This is what my location block looks like for reference location / { proxy_pass {ipaddress}:8080/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; }
You'd have to invent your own new operating system to do that, which might be a lot of effort. Even in 2024, computers really only allow one process per port. You can't have two containers fighting it out for port 80. You could put all your apps in one container in different subfolders and run it all on port 80. Or, you could run one on port 80, another on port 81, and have a reverse proxy in front spray requests to them. Similarly, Kubernetes can create a 'service' that routes requests through one port to other ports behind the scenes. Point is, your problem isn't a new one. It's one that's dogged admins since the dawn of time. But there are strategies out there. Does that make sense?
Nice one. Just curious ? Is this cp from host to container permanent or ephemeral ? will the copied file still be there if the containers is restarted ?
If the container is stopped and started the file remains there. However, if the container is stopped and deleted, and a new instance of the image is run, the new instance/container will not have the file. If you want to make the change permanent you can take a snapshot of the Docker image with the docker commit command. All containers run off that new image will have the file in it. Lots of options!
@@ricko13 if you install and set it up correctly it does not do that. As you can see.... this WAS supposed to be a tutorial and one would expect it to be properly installed
People who come to a 10 minute video on configuring nginx as a reverse proxy are looking to get things set up quickly. Nobody in their right mind would think that a 10 minute video would address every production level vulnerability and enterprise wide penetration issue. People who come to a video like this just want to get things up and running to see how it works. People are smart enough to put the proper measures in place once they figure out how things work. If people aren't that smart, they won't be in a position where they'll be configuring nginx as a reverse proxy in a production environment. For the most part, my viewers are pretty smart.
Exactly, it helped me understand this concept of NGINX, but obviously there's more if you want to setup something secure, you did a great job explaining the basics of this man, thanks.@@cameronmcnz
can i use a docker service name instead of an ip address? i was supposed to do a reverse proxy to connect my front-end(React) to my back-end(node.js/express), both running in docker via docker compose, since i can't use the service name on the front-end fetch calls cause the request is send by the browser, so docker cannot parse the service name to an ip address in this situation, how could i fix this?