I made a Docker container of a website that’s difficult to deploy, and I can reliably deploy it on localhost on my personal machine. The container sets up an Apache server with all the files and config to run the website.
However, the story is different on my VPS running Ubuntu and Apache. I have two other websites running on the same VPS, each with different domains and running directly on the host without Docker. When I deploy the dockerized website, I can’t access that site. I opened ports on UFW. The Docker container sets the site to run on port 8000, and I tried running a reverse proxy on just that site with Apache by defining a config pointing towards the internal Docker IP on port 8000, but no luck.
Now I’m thinking of running a reverse proxy, but I haven’t found any guides covering my situation: routing websites on both the host machine and through Docker. nginx-proxy looks to cover only Docker containers, and the Apache reverse proxy couldn’t access the Docker container.
What are my options here? I plan to dockerize everything eventually, but that will be sometime in the future and not right away.
Thanks for your reply. Yes, I can access with curl inside the container. The problem seems to be with SSL and I can’t figure out why:
curl https://127.0.0.1:8000/ curl: (60) SSL: no alternative certificate subject name matches target host name '127.0.0.1'I’m using the same certs that the host machine uses. When I bypass authentication with
curl -k https://127.0.0.1:8000/it outputs the contents of the page. I don’t believe there’s a VPS firewall since I have another service running on a higher-numbered port which is accessible from the outside.Without knowing your config is hard… but let’s try: Apache httpd needs “SSLProxyEngine on” directive to be able to proxy to https sites first (assuming you already loaded mod_proy and mod_proxy_httpd), and then when connecting it will check the name of the server as defined in the proxypass directive to see if the certificate on that server matches the name, it also looks for the date of expiration, if any of those fail it wont rev proxy, to ignore those you have to add directives for that, too, but better make sure names match and dates are fine.
An SSL error is expected because you’re using localhost and not the common name that the cert is issued for. But the fact that it’s connecting and showing the error means the server is working.