SOLVED NGINX® Manager - Reverse Proxy Subdomain to Docker-Container

  • Thread starter Deleted member 1066013
  • Start date
Operating System & Version
CENTOS 7.9 kvm [server]
cPanel & WHM Version
98.0.4
D

Deleted member 1066013

Guest
Hey everyone,
I have a few Docker containers running on my cPanel server and recently switched from Engintron to NGINX® Manager.

Using Engintron, I had redirected calls to the subdomains to IP:port of the Docker containers.

I achieved this with this code in CustomRules.conf:

NGINX:
#Redirect http to https
if ($scheme = "http") {
    set $redirToSSL "yes";
}

if ($host ~* "^sub1\.|^sub2\.") {
    set $shouldSSL "please";
}
set $sslRedirection $redirToSSL$shouldSSL;

if ($sslRedirection = "yesplease") {
    return 301 https://$host$request_uri;
}

#Redirect Subdomain to Docker
if ($host = "sub1.domain.com") {
    set $PROXY_SCHEME "http"; # Is the internal protocol HTTPS? If not, change to "http"
    set $PROXY_DOMAIN_OR_IP "server.domain.com";
    set $PROXY_TO_PORT PORT;
    set $redirToSSL "on";
}


if ($host = "sub2.domain.com") {
    set $PROXY_SCHEME "http"; # Is the internal protocol HTTPS? If not, change to "http"
    set $PROXY_DOMAIN_OR_IP "server.domain.com";
    set $PROXY_TO_PORT PORT;
    set $redirToSSL "on";
}
I wanted to configure the reverse proxy via the include files in /etc/nginx/conf.d/users/user/sub#.domain.com/sub.conf .

Unfortunately I found out that neither if-blocks nor proxypass are allowed here.

How can I make the call to my subdomain be redirected to my docker container?

Thanks for your help
 
Last edited by a moderator:

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
7,494
1,009
313
cPanel Access Level
Root Administrator
Hey there! cPanel doesn't officially support docker containers so I don't have an official answer for this on my end. I'll leave this marked as "new thread" for a bit for better visibility to see if other users have some ideas they can share.
 
  • Like
Reactions: Hackle

Hackle

Member
Aug 18, 2021
8
1
3
Germany
cPanel Access Level
Root Administrator
Sorry, maybe it is wrong to write this here.

But apparently overnight my account was deleted and I just had to create a new account. In addition my post was given to user kdav850, how is this possible?
 

Hackle

Member
Aug 18, 2021
8
1
3
Germany
cPanel Access Level
Root Administrator
I don't entirely understand what you're saying - are you saying the forums user changed somehow?
Yes exactly.
Timeline:
Yesterday I joined the forum by cPanel-ID under the name Hackle, but not setting an extra password, opened this thread and got your reply.

I have the email confirmation from creating the thread.

Todays morning I couldn't login in to my account via cPanel-ID nor with the name Hackle.
The thread creator was then kdav850, although this user joined into the forum at 7:59 today.

I then logged in again with my cPanel ID and used the name Hackle and now additionally set a password.
 

Hackle

Member
Aug 18, 2021
8
1
3
Germany
cPanel Access Level
Root Administrator
Anyway, the account I created yesterday and started the thread with has disappeared or been deleted.

But I definitely have the confirmation email for the creation of the thread.

The account with which I now write I have recreated with the same name.
 

Hackle

Member
Aug 18, 2021
8
1
3
Germany
cPanel Access Level
Root Administrator
How the connection to the account kdav850 comes about, I do not know and kdav850 is definitely not my account.

But just the fact that the thread was opened yesterday evening and the user kdav850 has logged in for the first time only this morning, suggests an error.
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
7,494
1,009
313
cPanel Access Level
Root Administrator
Alrighty - that turned out to be very interesting. It turns out there was a database sync issue last night where one server had the Hackle user, and one server had the kdav850 user, and those both overlapped for a brief period of time.

In order to avoid any confusion I've removed the kdav850 user and renamed it so it no longer shows up in the post here. You can continue using the Hackle account with no problems. I'm sorry this happened, but due to this we can confirm that although things looked odd, there were no security issues.
 
  • Like
Reactions: Hackle

Hackle

Member
Aug 18, 2021
8
1
3
Germany
cPanel Access Level
Root Administrator
Alrighty - that turned out to be very interesting. It turns out there was a database sync issue last night where one server had the Hackle user, and one server had the kdav850 user, and those both overlapped for a brief period of time.

In order to avoid any confusion I've removed the kdav850 user and renamed it so it no longer shows up in the post here. You can continue using the Hackle account with no problems. I'm sorry this happened, but due to this we can confirm that although things looked odd, there were no security issues.
Okay, I'm glad there are no security issues!

In the meantime I found out the corresponding NGINX config.
The thread can be marked as solved.

If someone is interested in the solution, I can provide it.
 

Hackle

Member
Aug 18, 2021
8
1
3
Germany
cPanel Access Level
Root Administrator
MY SOLUTION:

Make sure you have created the subdomain you want to use and have docker up and running.

To redirect the subdomain to the IP:port of the Docker containers on a cPanel server, a configuration file must be created in

Code:
/etc/nginx/conf.d/*.conf
containing the appropriate server blocks.

Most of the Code I have found and copied from the /etc/nginx/conf.d/users/"cpaneluser".conf in the subdomain section

NGINX:
server{
    listen 443 ssl http2;

    server_name sub.domain.com;

    ssl_certificate /var/cpanel/ssl/apache_tls/sub.domain.com/combined;
    ssl_certificate_key /var/cpanel/ssl/apache_tls/sub.domain.me/combined;

    ssl_protocols TLSv1.2 TLSv1.3;
    proxy_ssl_protocols TLSv1.2 TLSv1.3;
    ssl_prefer_server_ciphers on;
   
    root /home/"cpaneluser"/sub.domain.com;

    location / {
        proxy_cache $CPANEL_PROXY_CACHE;
        proxy_no_cache $CPANEL_SKIP_PROXY_CACHING;
        proxy_cache_bypass $CPANEL_SKIP_PROXY_CACHING;

        proxy_cache_valid 200 301 302 60m;
        proxy_cache_valid 404 1m;
        proxy_cache_use_stale error timeout http_429 http_500 http_502 http_503 http_504;
        proxy_cache_background_update on;
        proxy_cache_revalidate on;
        proxy_cache_min_uses 1;
        proxy_cache_lock on;

        include conf.d/includes-optional/cpanel-proxy.conf;
        proxy_pass http://127.0.0.1:PORT-TO-DOCKER-CONTAINER;
    }

    include conf.d/server-includes/cpanel-static-locations.conf;

    include conf.d/users/"cpaneluser"/*.conf;
    include conf.d/users/"cpaneluser"/sub.domain.com/*.conf;
}
Most of the Code I have found and copied from the /etc/nginx/conf.d/users/"cpaneluser".conf in the subdomain section
After that rebuild the NGINX config.

Maybe there is a better solution, then I am open to suggestions, but I hope this helps someone else as well.
 
  • Like
Reactions: cPRex