i would like to use the docker engine to host a nextcloud container with external maria database and use the jwilder/nginx-proxy image as reverse proxy in combination with jrcs/letsencrypt-nginx-proxy-companion which allows me to use a https connection.
On my opensuse testsystem this combination of docker containers, connected by a docker network, and https does work.
Now I would like to use the same combination here with Rockstor. The problem i am facing is that I can’t get a letsencrypt certificate.
As far as I understand, letsencrypt needs to reach the jwilder/nginx-proxy container on Port 80 and 443. Since Rockstor itself uses nginx which listens on port 443, my idea was to forward these ports from the “Rockstor nginx” to the jwilder/nginx-proxy container and the jwilder/nginx-proxy container does the certificate “magic”.
Is this a good idea and a feasible solution to put the jwilder/nginx-proxy behind the “Rockstor nginx”?
Well obviously not with my skills and my understanding of nginx, because that’s where I am stuck. I tried various configuration of the “Rockstor nginx” to forward ports 80 and 443
I would second @vesper1978’s wise advice on not exposing Rockstor’s webUI if you don’t have to.
I do understand that jwilder’s nginx images do require ports 80 and/or 443 (or at least used to?) so as an alternative, you can change the port used by Rockstor’s webUI from 443 to whatever else is not used.
To do so, go to “System > Services” and click on the little wrench icon next to the Rockstor service to configure it. There, simply use the port of your choice for the “HTTPS Port” (see below), but note of course that you will need to use that new port when you need to access Rockstor’s webUI from now on.
Regarding Nextcloud setup, you will find a few resources on this forum, from users who wrote nice “how-to” guides with similar apps. Feel free to have a look at them:
Of course, you can also use an Nginx Rock-on to do the same thing, which would allow you to leave Rockstor’s nginx config alone.
You may also be interested to know that I’m currently working on implementing an easy way to do just what you need and are apparently doing on your openSUSE system:
We indeed have a pending pull-request on Github that would add support for docker labels to Rock-ons, followed by a current work in progress to implement docker networks into Rockstor and the Rock-ons system (see below). https://github.com/rockstor/rockstor-core/pull/1999