Create an nginx reverse proxy container to forward to specific URL/Port based on requested URL

Question

I want to setup an nginx reverse proxy docker container which forwards based on the URL requested. I have setup dns pointing from all these subdomains of domain.com to the nginx server container.

Example scenario:

Request: subdomain1.domain.com should forward to abc.xyz.com:8087

Request: subdomain2.domain.com should forward to abc.xyz.com:8088

I need to know what I should write in the dockerfile and the nginx.conf file to make the above forward happen. Also these forwards will grow in the future, would there be a way to add these programmatically?

Answer 1

Below is the simplest form of nginx.conf file for request

• subdomain1.domain.com should forward to abc.xyz.com:8087
• subdomain2.domain.com should forward to abc.xyz.com:8088

---

server {
    listen 80;
    listen [::]:80;
    
    server_name subdomain1.domain.com;

    location / {
        proxy_pass http://abc.xyz.com:8087/;
    }
}
server {
    listen 80;
    listen [::]:80;

    server_name subdomain2.domain.com;

    location / {
        proxy_pass http://abc.xyz.com:8087/;
    }
}

Answer 2

Dockerfile

(I had to do the SSL termination, so here you will find SSL related files too, just ignore those if it is not applicable for you.)

FROM nginx:alpine
#create the server and location configuration
COPY nginx.conf /etc/nginx/conf.d/default.conf
COPY cert.pem /etc/nginx-certs/cert.pem
COPY key.pem /etc/nginx-certs/key.pem
COPY ssl.pass /etc/nginx-certs/ssl.pass
RUN mkdir -p /etc/nginx-logs/

nginx.conf

This nginx is configured to reverse proxy any request coming to https:// to http://:8080

server {

    listen 443;
    server_name localhost;

    ssl_certificate           /etc/nginx-certs/cert.pem;
    ssl_certificate_key       /etc/nginx-certs/key.pem;
    ssl_password_file         /etc/nginx-certs/ssl.pass;

    ssl on;
    ssl_session_cache  builtin:1000  shared:SSL:10m;
    ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
    ssl_prefer_server_ciphers on;
    underscores_in_headers on;

    access_log            /etc/nginx-logs/<MYAPPLICATION NAME>.access.log;
    client_body_in_file_only on;

    location / {

      proxy_set_header        Host $host;
      proxy_set_header        X-Real-IP $remote_addr;
      proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header        X-Forwarded-Proto $scheme;

      # Fix the “It appears that your reverse proxy set up is broken" error.
      proxy_pass          http://<MYIPADDRESS>:8080/;
      proxy_read_timeout  90;

      proxy_redirect      http://<MYIPADDRESS>:8080 https://localhost;
    }
  }

Please Note, We had a very primal need, so this setup did the trick for us. Just take this as a starting point. Don't refer this example for nginx best practices and such.

For your particular need like

Request: subdomain1.domain.com should forward to abc.xyz.com:8087

Request: subdomain2.domain.com should forward to abc.xyz.com:8088

you can customize nginx.conf further, you can add more locations for different routes . Here https://www.digitalocean.com/community/tutorials/understanding-nginx-server-and-location-block-selection-algorithms Digital Ocean did a nice job in documenting basics of nginx.

And, to manage, nginx.conf, I wouldn't automate the configuration, I would just add it to a version control system like git and set up a CI-CD system like drone.io or travis to manage the deployment. Again, that's just me, you might be having totally different need.

If you want to redirect all http calls to https

server {
    listen 80;
    return 301 https://$host$request_uri;
}