I am attempting to create a load balancer for my server. The server runs two webservers: mail.example.com
- mailcow and my own webserver - but for now, I just need to get the proxy working for my mail server.
I am following the documentation on creating a reverse proxy for Mailcow. My folder structure looks like this:
proxy
docker-compose.yml
nginx
conf.d
app.conf
mailcow
docker-compose.yml
data
...
For the full Mailcow directory layout, view it on GitHub
I have both of these containers running using docker compose up -d
in their directories. docker ps
gives me this output:
ce46ee53e91a nginx:mainline-alpine "/docker-entrypoint.…" 11 seconds ago Up 9 seconds 127.0.0.1:8080->8080/tcp, 80/tcp, 127.0.0.1:8443->8443/tcp mailcowdockerized_nginx-mailcow_1
6da454d90564 nginx:alpine "/docker-entrypoint.…" 20 minutes ago Up 20 minutes 0.0.0.0:80->80/tcp, 0.0.0.0:433->433/tcp nginx_proxy
My proxy > nginx > conf.d > app.conf
looks like this:
server {
listen 80;
listen [::]:80;
error_log /var/log/nginx/error.log;
access_log /var/log/nginx/access.log;
server_name mail.example.co.uk;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name mail.example.co.uk;
error_log /var/log/nginx/error.log;
access_log /var/log/nginx/access.log;
ssl_certificate /opt/ssl/cert.pem;
ssl_certificate_key /opt/ssl/key.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
ssl_protocols TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5:!SHA1:!kRSA;
ssl_prefer_server_ciphers off;
location /Microsoft-Server-ActiveSync {
proxy_pass http://127.0.0.1:8080/Microsoft-Server-ActiveSync;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 75;
proxy_send_timeout 3650;
proxy_read_timeout 3650;
proxy_buffers 64 256k;
client_body_buffer_size 512k;
client_max_body_size 0;
}
location / {
proxy_pass http://127.0.0.1:8080/;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
client_max_body_size 0;
}
}
When I visit my domain, I get the RR_CONNECTION_REFUSED
but my http
is redirected to https
which tells me the proxy_pass
returned a dead link.
Refused to connect
If I check the logs on both of the containers, there is no request sent which is confusing me because surely the 301 redirect to https would fire an access log - perhaps my browser is doing the redirect not the server and its simply just not listening correctly.
My proxy nginx log looks like this (after a request):
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: info: /etc/nginx/conf.d/default.conf is not a file or does not exist
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Configuration complete; ready for start up
Here's my proxy docker-compose.yml
:
version: '3'
services:
nginx-proxy:
image: nginx:alpine
container_name: nginx_proxy
restart: unless-stopped
tty: true
volumes:
- ./nginx/conf.d/:/etc/nginx/conf.d/
- /opt/mailcow/data/assets/ssl/:/opt/ssl/
ports:
- 80:80
- 433:433
Can anyone help point me in the right direction?
question from:
https://stackoverflow.com/questions/65832877/nginx-how-to-reverse-proxy-to-another-container-running-nginx-in-docker