Actually, this post is to continue my previous post: Install Ubuntu Desktop Docker Using Portainer and Access it From Browser (VNC/noVNC).
In that post, I deployed a Ubuntu Desktop Docker using Portainer and access it through a web browser. It only works on port 6080 and does not support https. In this post, I am putting a Nginx docker in front of Ubuntu Desktop Docker as a reverse proxy. Also I deployed CertBot to issue a Let’s Encrypt certificate for Ubuntu Desktop Docker’s domain name. In this way, I can use my own sub-domain name on port 443, rather than 6080, to access my Ubuntu Desktop docker. Much easy and more professional way.
Use Nginx As Reverse Proxy Server
apt update && apt install nano
nano /etc/nginx/conf.d/novnc.conf
server {
listen 80;
server_name novnc.51sec.org;
location / {
proxy_pass http://172.31.23.170:6080;
proxy_http_version 1.1;
proxy_read_timeout 300;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Real-PORT $remote_port;
}
}
Install Certbot
- apt install certbot
- apt install python-certbot-nginx
Certbot issue certs for your domain
- certbot –nginx
root@613085cd0700:/# cat /etc/nginx/conf.d/novnc.conf
server {
server_name novnc.51sec.org;
location / {
proxy_pass http://172.31.23.170:6080;
proxy_http_version 1.1;
proxy_read_timeout 300;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Real-PORT $remote_port;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/novnc.51sec.org/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/novnc.51sec.org/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = novnc.51sec.org) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name novnc.51sec.org;
return 404; # managed by Certbot
root@613085cd0700:/#
from Blogger http://blog.51sec.org/2021/02/use-portainer-to-install-nginx-docker.html