Trying to setup NGINX reverse proxy on my server to connect to a Laravel app on Docker. The default NGINX server block is still untouched. I have added and enabled this server block:
server {
server_name example.com www.example.com;
listen [::]:443 ssl http2 ipv6only=on; # managed by Certbot
listen 443 ssl http2; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
#include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
add_header Strict-Transport-Security "max-age=15768000" always;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
server_tokens off;
ssl_buffer_size 8k;
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
ssl_ecdh_curve secp384r1;
ssl_session_tickets off;
charset utf-8;
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8;
location / {
proxy_pass http://localhost:8080;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
}
server {
error_log /var/log/nginx/error.log;
access_log /var/log/nginx/access.log;
client_max_body_size 8M;
if ($host = www.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name example.com www.example.com;
location ~ /\.(?!well-known).* {
deny all;
}
return 404; # managed by Certbot
}
My Laravel .env file has this configuration:
APP_URL=http://localhost:8080
My docker-compose.yml file looks like this:
version: "3.7"
services:
app:
build:
args:
user: sammy
uid: 1000
context: ./
dockerfile: Dockerfile
image: laraapp
container_name: laraapp-app
restart: unless-stopped
working_dir: /var/www/html/
volumes:
- web-root:/var/www/html
networks:
- laranet
db:
image: mysql/mysql-server:8.0
container_name: laraapp-db
restart: unless-stopped
tty: true
environment:
MYSQL_DATABASE: ${DB_DATABASE}
MYSQL_ROOT_PASSWORD: ${DB_ROOT_PASSWORD}
MYSQL_PASSWORD: ${DB_PASSWORD}
MYSQL_USER: ${DB_USERNAME}
SERVICE_TAGS: dev
SERVICE_NAME: mysql
volumes:
- ./mysql:/etc/mysql/conf.d/
- mysqldata:/var/lib/mysql
networks:
- laranet
nginx:
image: nginx:1.21-alpine
container_name: laraapp-nginx
tty: true
restart: unless-stopped
ports:
- "8080:80"
volumes:
- web-root:/var/www/html
- ./nginx:/etc/nginx/conf.d/
depends_on:
- app
networks:
- laranet
networks:
laranet:
driver: bridge
# Volumes
volumes:
mysqldata:
web-root:
driver: local
driver_opts:
type: none
device: /home/sammy/laraapp/src/
o: bind
When I access the laravel app from the browser, the padlock icon on the browser bar indicates that parts of my website are not secure, especially images. How do I make my Docker app available on HTTPS ?
