Reverse proxy
Bellman runs a Dockerized reverse proxy with Let's Encrypt certificates in front of a Dockerized nginx web server.
Dockerized!
See details in Bellman source/docker/proxy and in github, https://github.com/brian32768/docker-proxy
2019-04-01 added HTTPS support.
Reverse proxy
I use jwilder/nginx-proxy image. It does a transparent reverse proxy thing where it watches containers start and stop and adds and removes proxies on the fly.
I address the CORS issues with extra setup files.
https://github.com/jwilder/nginx-proxy/issues/804
Let's Encrypt certificates
I am using the nginx-proxy companion, see https://hub.docker.com/r/jrcs/letsencrypt-nginx-proxy-companion I start it in the docker-compose.yml; I used to do it manually.
Web content
Currently I don't care about PHP at all so I run a plain official nginx image to serve static HTML content. I mount /var/www/html so that the container can see my old undockerized content.
When I need PHP I use richarvey's nginx, see https://hub.docker.com/r/richarvey/nginx-php-fpm/ You can add also add environment settings to have it pull code from github instead of using the volume mentioned above. This would make deployment somewhere else easy.
docker run -d --dns=192.168.123.2 --name=web \ -e 'GIT_EMAIL=my email' -e 'GIT_NAME=my name' -e 'GIT_USERNAME=my username' -e 'GIT_REPO=my repo name' \ -e 'GIT_PERSONAL_TOKEN=<long_token_string_here>' \ richarvey/nginx-php-fpm:latest
Moving on to set up HTTPS with Let's Encrypt, I add more environment settings to the above,
-e "WEBROOT=/var/www/htdocs" -v /home/web/htdocs:/var/www/htdocs -e "DOMAIN=bellman.wildsong.biz" \
Then I can tell it I want HTTPS,
docker exec -t web /usr/bin/letsencrypt-setup
uWSGI
uWSGI lets me deploy flask applications without having to run the built in server.
This page helped me: http://markjberger.com/flask-with-virtualenv-uwsgi-nginx/
and this: http://uwsgi-docs.readthedocs.io
apt-get install uwsgi uwsgi-plugin-python
In the virtualenv environment install uwsgi
source venv/bin/activate pip install uwsgi
You can run from command line to test it
uwsgi -s 192.168.1.2:5001 --protocol=http --wsgi-file /var/lib/twilio-weatherman/pyweatherman/wsgi.py
and this should work: http://192.168.1.2:5001/home/
Right now I only need to deploy a single app, so I just hacked a shell script and set it to run at boot.
/var/lib/twilio-weatherman/pyweatherman/uwsgi.sh
I changed nginx to work with it.