Docker containers serving as nginx proxies for certain FSFE websites. SSL certificates are handled by the system-wide reverse-proxy and its Let's Encrypt companion.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
Max Mehl 2622af3952
do not depend on removed proxy-mail
2 weeks ago
.drone.yml Switch from ansible to docker compose 11 months ago
Dockerfile Updated image use 3 years ago
LICENSE Initial commit 3 years ago
README.md Fix typos [ci skip] 2 years ago
docker-compose.yml do not depend on removed proxy-mail 2 weeks ago
proxy.conf Commit of initial version 3 years ago
setdest.sh Updated image use 3 years ago

README.md

FSFE reverse proxy to external websites

This repository holds the deployment code for containers used to proxy requests to a remote server from lund’s reverse proxy.

What does this do?

The containers transfer requests to remote hosts. For example, for the pdfreaders.org website, the requests are transferred from the reverse proxy to the claus server:

|                lund                      |        claus          |
reverse-proxy    ->    proxy-pdfreaders    ->    claus.fsfeurope.org

The benefit of that is that we can use the automatic certificate provisioning integrated in the reverse proxy for websites not being hosted on lund.

How does this work?

The containers use nginx as a reverse proxy. The proxy.conf file is used as a template for the nginx configuration. The file setdest.sh replaces the placeholders %DESTINATION_HOST% and %DESTINATION_PORT% in the template with environment variables. The environment variables are set in the playbook.

The Dockerfile takes nginx:alpine as the base image, exposes the port 80, and copy both the template and the script to replace the placeholders. Then it runs the script and start nginx as CMD statement.

The nginx configuration transfers the IP addresses to the web servers as well as the Host HTTP header.