initial commit

Dockerfile

@@ -0,0 +1,3 @@
+FROM staticfloat/nginx-certbot
+COPY nginx.conf /
+COPY configs.sh /scripts/startup/

README.md

@@ -0,0 +1,13 @@
+# proxy
+
+SSL reverse proxy for demos.tf
+
+## Usage
+
+start the container with the following env variables
+
+- `TARGET`: the hostname of the target container
+- `EMAIL`: the email to use for certbot
+- `HOST`: the base host to get the certificates for
+
+Note that `$HOST`, `api.$HOST` and `static.$HOST` need to point to this container 

configs.sh

@@ -0,0 +1,5 @@
+#!/usr/bin/env bash
+
+sed -e "s/\${SOURCE}/$HOST/" -e "s/\${TARGET}/$TARGET/" nginx.conf > /etc/nginx/conf.d/$HOST.conf
+sed -e "s/\${SOURCE}/api.$HOST/" -e "s/\${TARGET}/$TARGET/" nginx.conf > /etc/nginx/conf.d/api.$HOST.conf
+sed -e "s/\${SOURCE}/static.$HOST/" -e "s/\${TARGET}/$TARGET/" nginx.conf > /etc/nginx/conf.d/static.$HOST.conf

nginx.conf

@@ -0,0 +1,16 @@
+server {
+    listen              443 ssl;
+    server_name         ${SOURCE};
+    ssl_certificate     /etc/letsencrypt/live/$HOST/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/$HOST/privkey.pem;
+
+    location / {
+        proxy_pass http://${TARGET};
+        proxy_set_header Host $host;
+        proxy_connect_timeout 600;
+        proxy_send_timeout 600;
+        proxy_read_timeout 600;
+        send_timeout 600;
+        client_max_body_size 100M;
+    }
+}