- Thread Author
- #1
In this guide I'll show you how to set up a reverse proxy using Nginx in Docker and automatic .conf and SSLs generated by Let's encrypt.
docker compose up -d
- jwilder/nginx-proxy – for auto-detecting services via Docker labels
- jrcs/letsencrypt-nginx-proxy-companion – for automatic SSL cert issuing & renewal
1. Create external Docker network
docker network create nginx-proxy2. Setup Nginx Proxy & Let's Encrypt Companion
Save this as /opt/stacks/nginx-proxy/docker-compose.yml:
YAML:
#version: '3'
services:
nginx-proxy:
image: jwilder/nginx-proxy:alpine
container_name: nginx-proxy
restart: always
ports:
- "80:80"
- "443:443"
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- nginx-conf:/etc/nginx/conf.d
- nginx-vhost:/etc/nginx/vhost.d
- html:/usr/share/nginx/html
- certs:/etc/nginx/certs:ro
networks:
- nginx-proxy
letsencrypt:
image: jrcs/letsencrypt-nginx-proxy-companion
container_name: letsencrypt
restart: always
environment:
- NGINX_PROXY_CONTAINER=nginx-proxy
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- nginx-conf:/etc/nginx/conf.d
- nginx-vhost:/etc/nginx/vhost.d
- html:/usr/share/nginx/html
- certs:/etc/nginx/certs:rw
depends_on:
- nginx-proxy
networks:
- nginx-proxy
volumes:
nginx-conf:
nginx-vhost:
html:
certs:
networks:
nginx-proxy:
external: true
3. Launch the proxy stack
cd /opt/stacks/nginx-proxydocker compose up -d
4. Deploy a service (example: Flowise)
Save this as /opt/stacks/flowise/docker-compose.yml:
YAML:
#version: '3'
services:
flowise:
image: flowiseai/flowise
container_name: flowise
restart: always
environment:
- VIRTUAL_HOST=sub.domain.com
- VIRTUAL_PORT=3000
- LETSENCRYPT_HOST=sub.domain.com
- [email protected]
expose:
- "3000"
networks:
- nginx-proxy
networks:
nginx-proxy:
external: true
5. Launch the service
Code:
cd /opt/stacks/flowise
docker compose up -d
6. Repeat for other services
Each service needs:- To join the nginx-proxy external network
- VIRTUAL_HOST, LETSENCRYPT_HOST, LETSENCRYPT_EMAIL variables
- expose instead of ports unless you need local dev access
7. Done!
Let’s Encrypt will auto-issue the certificate via HTTP-01 challenge. No manual certbot steps needed. HTTP is redirected to HTTPS automatically.Troubleshooting
- Use docker logs <container> to inspect problems
- Make sure domain DNS is pointing to your server before launching the service
- Certificates are stored in /etc/nginx/certs inside the proxy container