Docker Community Forums

Share and learn in the Docker community.

NGINX reverse HTTPS proxy in front of Apache

I am trying to get NGINX to handle the HTTPS requests using a self-signed certificate in front of my Apache server and have the ability to visit the proxied application in the browser on my host machine. Currently I’m getting a Bad Gateway 502 for this setup when I visit the proxy mapped port on my host machine. This is a bit of an experiment; I’m probably way in over my head but is it what I’m trying to achieve here possible?

docker-compose.yml

version: '3'

services:
  wp:
    depends_on:
      - db
    build:
      context: .
      dockerfile: wp.Dockerfile
      args:
        UID: 1000
        INSTALL_WP: 1
    restart: always
    ports:
      - 8888:80
    volumes:
      - ./src/:/var/www/html

  proxy:
    build:
      context: .
      dockerfile: proxy.Dockerfile
    restart: always
    ports:
      - 3000:81
      - 3001:443
    volumes:
      - ./nginx:/etc/nginx/conf.d

  db:
    image: mysql:5.7
    restart: always
    environment:
      MYSQL_ROOT_PASSWORD: root
      MYSQL_DATABASE: wpdb
      MYSQL_USER: wpuser
      MYSQL_PASSWORD: secret
    volumes:
      - db_data:/var/lib/mysql
  
  phpmyadmin:
    depends_on:
      - db
    image: phpmyadmin/phpmyadmin
    restart: always
    ports:
      - 8889:80

volumes:
  db_data:

custom nginx config

server {
  listen 81;
  server_name localhost;
  return 301 https://$host:3001$request_uri; # redirects to HTTPS
}

server {
  listen 443 ssl;
  server_name localhost;

  ssl_certificate /etc/nginx/ssl/mycert.crt;
  ssl_certificate_key /etc/nginx/ssl/mycert.key;
  
  # root /usr/share/nginx/html/;
  # index index.html index.htm;

  location / {
    proxy_pass http://localhost:8888;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  }
}

proxy service Dockerfile:

FROM nginx:1.17

COPY bin/nginx/ /usr/local/bin

RUN mkdir /etc/nginx/ssl && \
    apt-get update && \
    apt-get install -y \
    wget \
    build-essential

# install and configure openssl
RUN wget https://www.openssl.org/source/openssl-1.1.1d.tar.gz && \
    tar -xf openssl-1.1.1d.tar.gz

WORKDIR /openssl-1.1.1d

RUN ./config && \
    make && \
    make test && \
    make install

WORKDIR /

CMD ["bash", "-c", "/usr/local/bin/init.sh"] # generates certificate and starts NGINX

I tried to achieve the same thing and sort of got things to work. Maybe it helps you if you take a look at this question and expand around it to install your custom application (e.g., WordPress): https://stackoverflow.com/q/62647604/5252007.