In a docker development environment it's usefull in order to access to web containers with a complete url instead of playing with port number (http://my-domain.docker.local vs http://localhost:8123)
As a reverse proxy, we use the traefik docker image.
It will listen to default http port number (80) so if you have a container already on this port or a local web server please, update your container configuration and/or stop your local webserver.
docker network create proxy
$/workspace/local-reverse-proxy: cp env-dist .env
Assuming we want all our domain with the following pattern *.docker.local (you could set the value of your choice in .env file)
echo "127.0.0.1 my-domain.docker.local" >> /etc/hosts
Each domain must be affected to a container. Edit the docker-compose.yml file (or create a docker-compose.override.yml file instead)
Example:
httpd:
image: httpd:2.4
networks:
- akeneo
- proxy #Add this network to the container and the following labels
labels:
- "traefik.docker.network=proxy"
- "traefik.frontend.rule=Host:my-domain.docker.local"
- "traefik.enable=true"
networks:
proxy:
external: true
$/workspace/myProject: docker-compose up -d
$/workspace/local-reverse-proxy: docker-compose up -d
Traefik comes with the https support using https://letsencrypt.org/ service.
Here are the three steps configuration:
- Provide your email in the
.envfile - Create an
acme.jsonfile with low rights$/workspace/local-reverse-proxy: touch acme.json && chmod 600 acme.json - Launch traefik container with the good configuration.
$/workspace/local-reverse-proxy: docker-compose -f docker-composer.yml -f docker-compose.https.yml up -d
More information about https with traefik here https://docs.traefik.io/user-guide/docker-and-lets-encrypt/
cat docker-compose.override.yml | grep "Host:" | sed "s/.*Host:/127\.0\.0\.1\t/g" | sed 's/"//g'