SSL to Docker Finally Solved

Web Server Sep 26, 2018

I wanted to have all the services connected thru SSL. It was fairly easy for apache sites. But I wasn't able to make it work with ReverseProxy for Docker containers. Until now.

Thanks to excellent tutorial for RocketChat. I was able to make a new template for my Apache configuration. And for all of you that have similar problem I posting it here.

<VirtualHost *:80>
    ServerName DOMAIN
    ServerAlias www.DOMAIN
    RewriteEngine on
    RewriteCond %{SERVER_NAME} =www.DOMAIN [OR]
    RewriteCond %{SERVER_NAME} =DOMAIN
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
</VirtualHost>

<VirtualHost *:443>
    ServerAdmin EMAIL
    ServerName DOMAIN
    ErrorLog /home/UUSER/error.log
    TransferLog /home/UUSER/access.log
    AssignUserId UUSER UUSER
    LogLevel info
    SSLEngine On
    SSLCertificateFile /etc/letsencrypt/live/DOMAIN/cert.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/DOMAIN/privkey.pem
    SSLCertificateChainFile /etc/letsencrypt/live/DOMAIN/chain.pem

    <Location />
            Order allow,deny
            Allow from all
    </Location>

    RewriteEngine On
    RewriteCond %{HTTP:Upgrade} =websocket [NC]
    RewriteRule /(.*)           ws://localhost:DPORT/$1 [P,L]
    RewriteCond %{HTTP:Upgrade} !=websocket [NC]
    RewriteRule /(.*)           http://localhost:DPORT/$1 [P,L]

    ProxyPassReverse / http://localhost:DPORT/
</VirtualHost>

Just change EMAIL, DOMAIN, UUSER, DPORT.

Before enabling the site do:

certbot certonly --webroot -w /var/www/html -d DOMAIN

Then enable the site and everything should work.

Tags

Great! You've successfully subscribed.
Great! Next, complete checkout for full access.
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.