tklx/nginx - Web server
Nginx (pronounced "engine x") is a web server, load balancer and reverse proxy with a strong focus on performance, high concurency (over 10,000 simultaneous connections), and low memory usage. It powers many of the world's largest websites.
Features
- Based on the super slim tklx/base (Debian GNU/Linux).
- Nginx installed directly from Debian.
- Uses tini for zombie reaping and signal forwarding.
- Includes
EXPOSE 80 443, so standard container linking will make it automatically available to the linked containers. - Can be coupled with another container to provide SSL access and/or proxying.
- Configured to forward access and error logs to docker log collector.
Usage
Simple static site hosting
From host
$ docker run --name some-nginx -v /some/content:/var/www/html:ro -d tklx/nginx$ docker run --name some-nginx -v /some/content:/var/www/html:ro -v /some/config/file:/etc/nginx/sites-available/default:ro -d tklx/nginxFrom host (cleaner solution with Dockerfile)
$ ls html/ default Dockerfile $ cat Dockerfile FROM tklx/nginx COPY html /var/www/html COPY default /etc/nginx/sites-available/default $ docker build -t some-content . $ docker run --name some-nginx -d some-content
From another container
$ docker run --name some-content -v /var/www/html some-content $ docker run --name some-nginx --volumes-from=some-content -d tklx/nginx
Exposing the port
Specific port
$ docker run --name some-nginx -d -p 8080:80 tklx/nginxDocker-chosen port
$ docker run --name some-nginx -dP tklx/nginx $ docker port some-nginx 443/tcp -> 0.0.0.0:32770 80/tcp -> 0.0.0.0:32771
Setting up HTTPS websites
$ docker run --name some-certs -v /etc/ssl/private:ro -d cert-provider $ docker run --name some-config -v /etc/nginx/ -d config-provider $ docker exec some-config cat /etc/nginx/sites-enabled/www.example.com server { listen 443 ssl; server_name www.example.com; ssl_certificate /etc/ssl/private/www.example.com; ssl_certificate_key /etc/ssl/private/www.example.com.key; root /var/www; } $ docker run --name some-nginx --volumes-from=some-certs --volumes-from=some-config -d tklx/nginx
We recommend using the official guidelines to set up your SSL server correctly.
Setting up a reverse proxy
$ docker run --name some-app -v /var/www -v /etc/nginx/sites-available -d backend-app $ docker run --name some-nginx --volumes-from=some-app --link some-app:some-app -d tklx/nginx $ docker exec some-nginx ls /etc/nginx/sites-enabled/ some-app-site $ docker exec some-nginx cat /etc/nginx/sites-enabled/some-app-site server { listen 80 default_server; server_name www.example.com; root /var/www; location / { try_file $url $url/ @backend = 404; } location @backend { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_pass http://some-app/; proxy_redirect default; } }
Setting up a reverse proxy with SSL termination
$ docker run --name some-certs -v /etc/ssl/private:ro -d cert-provider $ docker run --name some-app -v /var/www -v /etc/nginx/sites-available -d backend-app $ docker run --name some-nginx --volumes-from=some-app --volumes-from=some-certs --link some-app:some-app -d tklx/nginx $ docker exec some-nginx ls /etc/nginx/sites-enabled/ some-app-site $ docker exec some-nginx cat /etc/nginx/sites-enabled/some-app-site server { listen 80 default_server; server_name www.example.com; listen 443 ssl default_server; root /var/www; ssl_certificate /etc/ssl/private/www.example.com.pem; ssl_certificate_key /etc/ssl/private/www.example.com.key; location / { try_file $url $url/ @backend = 404; } location @backend { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Host $http_host; proxy_pass http://some-app/; proxy_redirect default; } }
For further info on SSL termination, please refer to the official documentation.
Tips
To disable access and/or error logs forwarding to the docker log
collector, the following environmental variables can be set:
NOSTDOUTREDIR NOSTDERRREDIR.
Automated builds
The Docker image is built, tested and pushed by CircleCI from source hosted on GitHub.
- Tag:
x.y.zrefers to a release (recommended). - Tag:
latestrefers to the master branch.
Status
Currently on major version zero (0.y.z). Per Semantic Versioning, major version zero is for initial development, and should not be considered stable. Anything may change at any time.
Issue Tracker
TKLX uses a central issue tracker on GitHub for reporting and tracking of bugs, issues and feature requests.