Zenn
Closed2

nginx-proxy + acme-companionでサクッとhttps鯖を建てる

Docker
nginx
海都海都
services:
  nginx-proxy:
    image: nginxproxy/nginx-proxy
    container_name: nginx-proxy
    ports:
      - 80:80
      - 443:443
    volumes:
      - conf:/etc/nginx/conf.d
      - vhost:/etc/nginx/vhost.d
      - html:/usr/share/nginx/html
      - certs:/etc/nginx/certs:ro
      - ./htpasswd:/etc/nginx/htpasswd
      - /var/run/docker.sock:/tmp/docker.sock:ro
    networks:
      - hogehoge-test-network

  acme-companion:
    image: nginxproxy/acme-companion
    container_name: nginx-proxy-acme
    environment:
      - DEFAULT_EMAIL=your@email.com
      - NGINX_PROXY_CONTAINER=nginx-proxy
    volumes:
      - conf:/etc/nginx/conf.d
      - vhost:/etc/nginx/vhost.d
      - html:/usr/share/nginx/html
      - certs:/etc/nginx/certs:rw
      - acme:/etc/acme.sh
      - /var/run/docker.sock:/var/run/docker.sock:ro
    networks:
      - hogehoge-test-network

  web:
    image: your_image:latest
    environment:
      - VIRTUAL_HOST=your.domain.com
      - LETSENCRYPT_HOST=your.domain.com
    networks:
      - hogehoge-test-network

volumes:
  conf:
  vhost:
  html:
  certs:
  acme:

networks:
  hogehoge-test-network:
    driver: bridge
海都海都

BASIC認証を掛けるとき

#!/bin/bash

USER_NAME=username
PASSWD=password
CRYPTPASS=`openssl passwd -apr1 ${PASSWD}`

echo "${USER_NAME}:${CRYPTPASS}" >> ./htpasswd/your.domain.com
  • opensslコマンドのオプションは-cryptではなく-apr1にしないと8文字より大きいパスワードが使えない
  • ファイル名はドメイン名と同一にすること
このスクラップは2022/09/28にクローズされました