I want to make a reverse proxy for rpi 4 and I have some questions and some issues to solve. First things first I successfully deployed my containers. Then I made a docker compose for my nginx service. The written compose is down below. Now the nginx.conf file I made is for reverse proxy my dashy container and my jellyfin. My issue is that I cannot access to them, except if I use my private ip and my port. Because I'm a newbie and I don't have huge knowledge about nginx can anyone help me with this.
(Also I made certificates with certbot.)
One more thing is that
...is my external ip address
nginx code
version: '3.8'
services:
nginx:
container_name: nginx
image: nginx
restart: unless-stopped
volumes:
- /portainer/Files/AppData/Config/nginx/:/usr/share/nginx/html
- /etc/letsencrypt/live/.../:/etc/ssl/certs:ro
ports:
- "8080:80"
command: sh -c 'cp -r /usr/share/nginx/html/nginx.conf /etc/nginx/nginx.conf && tail -f /dev/null'
environment:
- NGINX_HOST=...
- NGINX_PORT=9100,8096
networks:
nginx:
nginx.conf
##Version 2023/04/13 - Changelog: https://github.com/linuxserver/docker-baseimage-alpine-nginx/commits/master/root/defaults/nginx/nginx.conf.sample
### Based on alpine defaults
# https://git.alpinelinux.org/aports/tree/main/nginx/nginx.conf?h=3.15-stable
user root;
# Set number of worker processes automatically based on number of CPU cores.
include /config/nginx/worker_processes.conf;
# Enables the use of JIT for regular expressions to speed-up their processing.
pcre_jit on;
# Configures default error logger.
error_log /config/log/nginx/error.log;
# Includes files with directives to load dynamic modules.
include /etc/nginx/modules/*.conf;
# Include files with config snippets into the root context.
include /etc/nginx/conf.d/*.conf;
events {
# The maximum number of simultaneous connections that can be opened by
# a worker process.
worker_connections 1024;
}
http {
# Includes mapping of file name extensions to MIME types of responses
# and defines the default type.
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Name servers used to resolve names of upstream servers into addresses.
# It's also needed when using tcpsocket and udpsocket in Lua modules.
#resolver 1.1.1.1 1.0.0.1 2606:4700:4700::1111 2606:4700:4700::1001;
include /config/nginx/resolver.conf;
# Don't tell nginx version to the clients. Default is 'on'.
server_tokens off;
# Specifies the maximum accepted body size of a client request, as
# indicated by the request header Content-Length. If the stated content
# length is greater than this size, then the client receives the HTTP
# error code 413. Set to 0 to disable. Default is '1m'.
client_max_body_size 0;
# Sendfile copies data between one FD and other from within the kernel,
# which is more efficient than read() + write(). Default is off.
sendfile on;
# Causes nginx to attempt to send its HTTP response head in one packet,
# instead of using partial frames. Default is 'off'.
tcp_nopush on;
# all ssl related config moved to ssl.conf
# included in server blocks where listen 443 is defined
# Enable gzipping of responses.
#gzip on;
# Set the Vary HTTP header as defined in the RFC 2616. Default is 'off'.
gzip_vary on;
# Helper variable for proxying websockets.
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
# Sets the path, format, and configuration for a buffered log write.
access_log /config/log/nginx/access.log;
# Includes virtual hosts configs.
include /etc/nginx/http.d/*.conf;
include /config/nginx/site-confs/*.conf;
server {
listen 443 ssl http2;
server_name ...;
ssl_certificate /config/keys/fullchain.pem; #cert.crt
ssl_certificate_key /config/keys/privkey.pem; #cert.key
ssl_trusted_certificates /config/keys/fullchain.pem;
location /jellyfin {
proxy_pass http://localhost:8096/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
location /dashy {
proxy_pass http://localhost:9100/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
}
}
#daemon off;
#pid /run/nginx.pid;
