mirror of
https://github.com/tobychui/zoraxy.git
synced 2025-05-31 04:37:20 +02:00
Created Zoraxy in Docker with Portainer and Nginx as examples (markdown)
Marcel
parent
5a8cf00b27
commit
d07bbefe46
230
Zoraxy-in-Docker-with-Portainer-and-Nginx-as-examples.md
Normal file
230
Zoraxy-in-Docker-with-Portainer-and-Nginx-as-examples.md
Normal file
@ -0,0 +1,230 @@
|
||||
# Prepare host-machine
|
||||
|
||||
In this small guide I want to show you how to get started with Zoraxy in a docker container and connect it with other services like Portainer or Nginx.
|
||||
|
||||
I assume you already have docker installed on your system and added your user to the docker group with `sudo usermod -aG docker $USER`
|
||||
(see [Docker.com](https://docs.docker.com/engine/install/ubuntu/) for instruction)
|
||||
|
||||
We will put all the services we need in a separate network called zoraxynet
|
||||
|
||||
Login as a normal user and run:
|
||||
|
||||
`docker network create --subnet 172.25.0.0/16 zoraxynet`
|
||||
|
||||
It returns a a longer UUID, somthing like `e5ecd5bf4e4cce99a252d3d6d3d0bb12e1b65b8daf1e47d9cb7e6a75ab3ae357`
|
||||
This has created our network and we can use it later in Portainer to attach more containers.
|
||||
|
||||
|
||||
Next we will start Zoraxy in a container.
|
||||
Create a folder and change into it
|
||||
|
||||
`mkdir zoraxy && cd zoraxy`
|
||||
|
||||
Now we create a config-folder and a docker-compose.yml
|
||||
|
||||
`mkdir config && nano docker-compose.yml`
|
||||
|
||||
|
||||
Put in these lines:
|
||||
|
||||
```
|
||||
services:
|
||||
zoraxy:
|
||||
image: zoraxydocker/zoraxy:latest
|
||||
container_name: zoraxy
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
- 80:80
|
||||
- 443:443
|
||||
- 8005:8000/tcp
|
||||
networks:
|
||||
zoraxynet:
|
||||
volumes:
|
||||
- ./config:/opt/zoraxy/config/
|
||||
environment:
|
||||
ARGS: '-noauth=false'
|
||||
|
||||
networks:
|
||||
zoraxynet:
|
||||
external: true
|
||||
```
|
||||
|
||||
|
||||
***
|
||||
|
||||
|
||||
<img width="263" alt="docker-compose" src="https://github.com/tobychui/zoraxy/assets/110860055/7ba43764-9a74-416a-8fde-40c61bc7454a">
|
||||
|
||||
|
||||
|
||||
The `networks:` tells docker to put Zoraxy in our zoraxynet-network and give it an IP address
|
||||
`external: true` tells docker, to use our already existing network and not to create one with the same name, which would fail.
|
||||
|
||||
|
||||
Run `docker compose up -d` to start the container.
|
||||
|
||||
Test in your browser:
|
||||
|
||||
IP-of-your-server:8005
|
||||
|
||||
In my case: 192.168.0.60:8005
|
||||
|
||||
|
||||
<img width="1304" alt="zoraxy-first-start" src="https://github.com/tobychui/zoraxy/assets/110860055/8c3acfb4-8052-4fe9-8037-eb013619f746">
|
||||
|
||||
|
||||
|
||||
Choose a username and a strong password, after you clicked `confirm`, you can login.
|
||||
|
||||
Change the inbound port to 443, click apply and enable the three buttons below to redirect all HTTP to HTTPS requests.
|
||||
|
||||
Zoraxy now listens on port 80 and 443 on your system and can redirect all traffic to HTTPS.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
***
|
||||
|
||||
# Setup certificates:
|
||||
|
||||
Click on "TLS / SSL Certificates" and scroll down to "Certificate Authority (CA) and Auto Renew (ACME)"
|
||||
|
||||
Choose your prefered CA (Let´s Encrypt in this example), fill in your email-address and click on "Save settings"
|
||||
|
||||
Click on "Open ACME Tool" and press the switch on the top (Enable Certificate Auto Renew)
|
||||
|
||||
Autonrenew is now active!
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
We are done here for the moment, next we will setup Portainer. Switch back to the command line.
|
||||
|
||||
# Setup Portainer
|
||||
|
||||
|
||||
Create a new folder named portainer in your favorite directory and change into it:
|
||||
|
||||
`mkdir portainer && cd portainer`
|
||||
|
||||
|
||||
Create a data folder for the configuration:
|
||||
|
||||
`mkdir data`
|
||||
|
||||
|
||||
|
||||
Create a docker-compose.yml for portainer:
|
||||
|
||||
`nano docker-compose`
|
||||
|
||||
Fill in these lines:
|
||||
|
||||
```
|
||||
services:
|
||||
portainer-ce:
|
||||
networks:
|
||||
zoraxynet:
|
||||
ports:
|
||||
- 9000:9000
|
||||
container_name: portainer
|
||||
restart: always
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
- ./data:/data
|
||||
image: portainer/portainer-ce:latest
|
||||
networks:
|
||||
zoraxynet:
|
||||
external: true
|
||||
```
|
||||
|
||||
Start it with `docker compose up -d`
|
||||
|
||||
Test in your browser:
|
||||
|
||||
IP-of-your-server:9000
|
||||
|
||||
In my case: 192.168.0.60:9000
|
||||
|
||||
You can now use portainer as usual.
|
||||
|
||||
|
||||
<img width="1202" alt="portainer-browser" src="https://github.com/tobychui/zoraxy/assets/110860055/e0e2996d-4599-4538-b713-cc9438e10698">
|
||||
|
||||
|
||||
# Setting up Portainer over HTTPS on a (sub)domain
|
||||
|
||||
Login into Zoraxy and go to "Create proxy rule"
|
||||
|
||||
|
||||
"Matching Keyword / Domain" is your (sub)domain, "Target IP Address or Domain Name with port" is the containername:port (portainer:9000)
|
||||
|
||||
|
||||
<img width="565" alt="portainer-rule" src="https://github.com/tobychui/zoraxy/assets/110860055/a4d976ac-9732-4371-892f-b274586af9e7">
|
||||
|
||||
|
||||
|
||||
Port 9000 is the HTTP port of portainer, but why HTTP and not HTTPS? Portainer runs locally and is reached by Zoraxy via HTTP (internal traffic). Zoraxy handles all certificates for us and manages secure connections (external traffic)
|
||||
|
||||
It works like this:
|
||||
|
||||
`Portainer via HTTP -> Zoraxy then adds SSL -> Internet`
|
||||
|
||||
|
||||
No extra certificates, no extra configuration. Always use the plain HTTP port as proxy host in Zoraxy. Zoraxy takes care of the rest.
|
||||
|
||||
Click on "Create Endpoint" and in the rightdown-corner Zoraxy asks if you want to create a certificate. Press okay and now you have a valid cert.
|
||||
|
||||
|
||||
|
||||
|
||||
Check if Portainer runs with HTTPS:
|
||||
|
||||
Navigate to your site in your browser:
|
||||
|
||||
We have successfully reached Portainer via HTTPS.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
# Adding more containers
|
||||
|
||||
Lastly I show you, how to connect a service in Portainer and add it to Zoraxynetwork and make it available via HTTPS.
|
||||
I use NGINX in this example, but it will work with any other service.
|
||||
|
||||
|
||||
Login into Portainer and go to your containers, now click on the name of your container (nginx in my case)
|
||||
|
||||
<img width="629" alt="portainer-container" src="https://github.com/tobychui/zoraxy/assets/110860055/216d354c-6cb4-4af0-8b3f-3ac6a14a196c">
|
||||
|
||||
|
||||
Scroll down to "Connected networks" and click on "Select a network". Choose "zoraxynet" and click on join network.
|
||||
|
||||
<img width="793" alt="nginx-joined" src="https://github.com/tobychui/zoraxy/assets/110860055/09a62c38-f0cf-4f3a-b9c4-a27eab6f4551">
|
||||
|
||||
|
||||
That´s it for the part of Portainer!
|
||||
|
||||
|
||||
Back to Zoraxy, again go to "Create Proxy Rules"
|
||||
|
||||
Fill in your domain and the target IP is "nginx:80" (Containername:Port-inside-container)
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
"Create Endpoint" and click on okay in the right corner for a certificate.
|
||||
|
||||
Let´s see if it works:
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Yes, Nginx over HTTPS. Easy attached via Portainer to our network and served via Zoraxy.
|
||||
Loading…
x
Reference in New Issue
Block a user