Reputation: 2539
Docker Nginx disable default exposed port 80
Is there a way to disable the default EXPOSE 80 443 instruction in the nginx docker file without creating my own image?
I'm using Docker Nginx image and trying to expose only port 443 in the following way:
docker run -itd --name=nginx-test --publish=443:443 nginx
But I can see using docker ps -a that the container exposes port 80 as well:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ddc0bca08acc nginx "nginx -g 'daemon off" 17 seconds ago Up 16 seconds 80/tcp, 0.0.0.0:443->443/tcp nginx-test
How can I disable it?
Upvotes: 6
Views: 8680
Answers (4)
Reputation: 3271
You don't need to patch the original dockerfile then rebuilding the image. You can just edit the image's metadata to unexpose the port. See https://github.com/gdraheim/docker-copyedit
Upvotes: 0
Reputation: 2752
There is a workaround to free the port (but not to unexpose it). I tried avoiding to publish the port but it didn't work and I got errors about the por being already in use anyway. Until I found that the trick is to publish the exposed port but mapped to a different one.
Let me explain with an example.
This will still try to use port 80:
docker up -p 443:443
But this will use 443 and some other random port you pick
docker up -p 443:443 -p<some free port>:80
You can do this in your commands, docker-compose or ansible playbooks to be able to start more than one instance on the same machine. (ie: nginx, which exposes port 80 by default)
I do this from docker-compose and ansible too.
Upvotes: 0
Reputation: 39507
The expose instruction is in the docker file which the image is built from.
You need to create your own customized Image for that.
To get the job done: First locate the dockerfile for the official nginx (library)
Then Edit the dockerfile's expose instruction to 443 only.
Now build your own image modified image using official(customized) dockerfile.
To answer your edited question:
Docker uses iptables, While you could manually update the firewall rules to make the service unavailable at a certain port, you would not be able to unbind the Docker proxy. So port 80 will still be consumed on the docker host and docker proxy.
Upvotes: 3
Reputation: 876
according to nginx docker image configuration , you can set this before container starts passing an environment var like :
docker run -itd -e NGINX_PORT=443 --name=nginx-test nginx
see :
using environment variables in nginx configuration
then in your nginx you can set :
listen ${NGINX_PORT};
Upvotes: 0
Related Questions
- Unblocking port 80 / nginx / docker
- Docker - nginx port map other than 80 not work
- Nginx remove exposing port 80/tcp on a docker container, leave only 8080
- How to block port server from http request
- Hide port number in URL exposed by NGINX Docker container
- How to expose Nginx port
- How to make docker application use port 80 (http) instead of 443 (https)
- How to expose ports only within the docker network?
- Linking exposed port of docker with with the default nginx port
- Ubuntu/UFW: How to tell Docker not to expose all ports?