Use docker-compose with Nginx to serve multiple domains to a single server (IP address)
Use docker-compose with Nginx
github: https://github.com/yingshaoxo/yingshaoxo.github.io/tree/master/0.Powered_by_nginx
Generate key
apt install certbot
certbot certonly --standalone -d yingshaoxo.xyz
Download your key for backup (1)
tar -zcvf keys.tar.gz /etc/letsencrypt/live/
python3 -m http.server 8000
Download your key for backup (2)
# Back to your local terminal
wget your_server_ip:8000/keys.tar.gz
#docker-compose.yml
version: '3'
services:
nginx:
image: nginx:latest
container_name: nginx
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf
- /etc/letsencrypt/:/etc/letsencrypt/
ports:
- 80:80
- 443:443
#nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
# server {
# listen 80;
# server_name yingshaoxo.xyz www.yingshaoxo.xyz;
#
# location / {
# proxy_pass https://yingshaoxo.github.io;
# proxy_set_header host yingshaoxo.github.io;
# proxy_set_header referer https://yingshaoxo.github.io;
#
# proxy_set_header user-agent $http_user_agent;
# proxy_set_header x-real-ip $remote_addr;
# proxy_set_header accept-encoding "";
# proxy_set_header accept-language $http_accept_language;
# proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for;
#
# #sub_filter yingshaoxo.github.io example.com;
# #sub_filter_once off;
# }
# }
#
# server {
# listen 80;
# server_name blog.yingshaoxo.xyz;
#
# location / {
# proxy_pass https://yingshaoxo.blogspot.com;
# proxy_set_header host yingshaoxo.blogspot.com;
# proxy_set_header referer https://yingshaoxo.blogspot.com;
#
# proxy_set_header user-agent $http_user_agent;
# proxy_set_header x-real-ip $remote_addr;
# proxy_set_header accept-encoding "";
# proxy_set_header accept-language $http_accept_language;
# proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for;
#
# sub_filter example.com yingshaoxo.blogspot.com;
# sub_filter_once off;
# }
# }
server {
listen 443 ssl;
server_name yingshaoxo.xyz www.yingshaoxo.xyz;
ssl_certificate /etc/letsencrypt/live/yingshaoxo.xyz/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/yingshaoxo.xyz/privkey.pem;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
location / {
proxy_pass https://yingshaoxo.github.io;
proxy_set_header Host yingshaoxo.github.io;
proxy_set_header Referer https://yingshaoxo.github.io;
proxy_set_header User-Agent $http_user_agent;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Accept-Encoding "";
proxy_set_header Accept-Language $http_accept_language;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#sub_filter google.com example.com;
#sub_filter_once off;
}
}
server {
listen 443 ssl;
server_name blog.yingshaoxo.xyz;
ssl_certificate /etc/letsencrypt/live/blog.yingshaoxo.xyz/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/blog.yingshaoxo.xyz/privkey.pem;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
location / {
proxy_pass https://yingshaoxo.blogspot.com;
proxy_set_header Host yingshaoxo.blogspot.com;
proxy_set_header Referer https://yingshaoxo.blogspot.com;
proxy_set_header User-Agent $http_user_agent;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Accept-Encoding "";
proxy_set_header Accept-Language $http_accept_language;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
sub_filter example.com yingshaoxo.blogspot.com;
sub_filter_once off;
}
}
}
https://dev.to/domysee/setting-up-a-reverse-proxy-with-nginx-and-docker-compose-29jg
https://github.com/kevin-lxh/Reverse-Proxy-for-Google
Another example:
server {
listen 80 default_server;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name bbs.ai-tools-online.xyz;
ssl_certificate /etc/letsencrypt/live/bbs.ai-tools-online.xyz/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/bbs.ai-tools-online.xyz/privkey.pem;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
location / {
proxy_pass http://127.0.0.1:8088/;
#proxy_set_header Host $http_host;
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#proxy_set_header X-Forwarded-Proto $scheme;
}
}
by the way, if you use cloudflare flexible SSL mode, then even if all of your service is under 80 port (http), it would be fine