Adding HTTPS to Manager Using A Reverse Proxy

This article assumes you have deployed Manager using Docer Compose. It also assumes you have already obtained your certificate.

In this article we will be creating a reverse proxy using nginx to handle HTTPS requests to the Manager.

1. Create an empty directory
2. Copy your certificate and private key into the new directory. We named our private key privatekey.pem. We named our certificate fullchain.pem.
3. Create a file named default.conf. This is your nginx config file. This nginx config runs on port 443 and only accepts TLS requests. It is setup to forward all requests to the manager using an internal port. You need to replace {MANAGER_PORT} with the port you have Manager running on. Replace {your IPv4 address} with your server's public IPv4 address.

server {
    listen 443 ssl http2;
    server_name  {your IPv4 address};

    ssl_certificate /etc/nginx/ssl/fullchain.pem;
    ssl_certificate_key /etc/nginx/ssl/privatekey.pem;

    location / {
        proxy_pass http://127.0.0.1:{MANAGER_PORT}/;

        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Server $host;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-Proto https;
        client_max_body_size 20m;
    }
}

3. Create a file called Dockerfile with the following commands.
   tip

   If you named your certificate or private key something different from us, make sure to update the name in this file.

FROM nginx:latest
COPY default.conf /etc/nginx/conf.d/default.conf
COPY fullchain.pem /etc/nginx/ssl/fullchain.pem
COPY privatekey.pem /etc/nginx/ssl/privatekey.pem

5. Run docker build -t ngnix-ssl-proxy ./ to build the container image
6. Run docker run --name ngnix-ssl-manager-proxy -p 443:443 ngnix-ssl-proxy