How to Secure Your Applications with HTTPS Using Docker, NGINX, and Let's Encrypt

Рет қаралды 25,915

Күн бұрын

In this guide, you will learn how to secure your web app with SSL by utilizing Docker, NGINX, and Lets Encrypt.
Original Post: www.programonaut.com/setup-ss...
---
Hostinger VPS: pgnt.xyz/hostinger-vps - for everyone
Netcup VPS: pgnt.xyz/netcup-vps - for german users
Hostinger Domain: pgnt.xyz/hostinger-domain
Netcup Domain: pgnt.xyz/netcup-domain - for german users
Discord Community: pgnt.xyz/discord
Hostinger links are affiliate links.
---
00:00 Intro
00:37 Docker Container
03:00 Reverse Proxy using NGINX
06:10 SSL Certificates with Let's Encrypt
13:55 Auto-Renewal
15:45 Conclusion

Пікірлер: 46

@thenetimp 3 ай бұрын

nice video i like how you handled certbot however I recommend using "--keep-until-expiring" instead of "--force-renewal" that way if the server reboots it doesn't force renewing the certificate, but if it needs a renewal it'll happen.

@santoshr25 Жыл бұрын

Great first video! Thanks a ton!

@khawan5534 5 ай бұрын

well done, clear and simple

@user-mq3ty8bu6v 4 ай бұрын

This is a very informative and well-structured video. It is easy to follow and even without a lot of theory I now know what a reverse proxy is, how domains work and how I can use them in practice. Keep it up ^^

@ShaunDePonte Жыл бұрын

It is a good video! definitely helped me. thank you

@grimkasad4183 Жыл бұрын

Awasome! Realy helpfull.

@Dayogg 4 ай бұрын

Thank you, this worked.

@user-ob3hr2nx6t 6 ай бұрын

Amazing video! very informative!

@programonaut-yt 6 ай бұрын

Happy it helped you :)

@eloytekila 5 ай бұрын

Man this help me a lot, tis

@joeblack8843 Ай бұрын

great job mein freund.

@shahidiqbal1761 2 ай бұрын

well done.

@ismailuwair187 9 ай бұрын

like it mr. german hehe ;)

@milosmilic1980 Жыл бұрын

Thank you maestro! You saved my day! _o/🥳

@programonaut-yt Жыл бұрын

Glad I could help :)

@sidilekhalifa7320 4 ай бұрын

thank you

@Om-lb5vb 8 ай бұрын

Thanks a lot !!!!

@programonaut-yt 6 ай бұрын

You are welcome! Glad I could help :)

@mohammadfarooqi Ай бұрын

Hey thanks for the awesome video. where can we find the next part as mentioned in the video (automation)

@user-xs9yb2hl9i 9 күн бұрын

this docker container runs successfully on the VPS, but how can i run it locally? It would be great to use this docker-compose config locally and afterwards push it somehow to my VPS

@thinhoduy4988 8 ай бұрын

Thanks. I want to set up a CI/CD, do I need to run the certbot command every time I use the git action? I am so confused about that.

@programonaut-yt 8 ай бұрын

Hi, this setup has nothing to do with CI/CD, it is to secure your web application. You should only have to do it once in the beginning, then the certificate exists and then you have to run it whenever the certificate is about to expire. I hope that helped. If not can you explain a bit more what the problem is and what you are trying to achieve? :)

@Sealis04 20 күн бұрын

Does this auto renew the ssl certificate? Or do I have to setup a separate cron job for that?

@necrotikS 2 ай бұрын

What if I don't have port 80 opened in my router? Is there any way to do this without it opened?

@ezjung Жыл бұрын

Thanks for the lecture. I followed the direction and found that static files not serving after SSL certificate acquired. What could it be the probelm? After searching google, I changed the permission and moved the static file location under /var/www/html/static but no use. Thanks in advance!

@programonaut-yt Жыл бұрын

Hello, I checked your configuration you commented on the blog post. Did the serving of static files worked with nginx and only using http? Normally giving it a SSL certificate does not change the way static files are served, so I would rather check inside your django application. When I set up django for a project I also had some problems with static files, so I guess that the problem lays there.

@chaselamkin Жыл бұрын

Thank you so much I was banging my head on the wall over this one. Could you give advice on doing these steps for a subdomain too, do I need a subdomain certificate?

@programonaut-yt Жыл бұрын

Hi, you can just repeat the steps for the subdomain. As soon as you have multiple projects something a bit more automated will definitely help you. Check out this video on caddy, it will take care of the certificates for you: kzfaq.info/get/bejne/gLZ5rdSSlp3JlIE.html Hope that helps :)

@programonaut-yt Жыл бұрын

You do not have to create a new certbot container. You can add a new domain using the -d flag.

@chaselamkin6164 Жыл бұрын

@@programonaut-yt thanks so much man you’re a godsend. I had so much trouble yesterday because some website documentation on this was outdated and I didn’t realize subdomain certificates go into the same crt file.

@oussamabadda487 Жыл бұрын

Always Certbot return invalide response from domain 404 This issue make me crazy 🥵

@programonaut-yt Жыл бұрын

@@oussamabadda487 Hi Oussam. Can you explain the issue in more detail or show the error message? 404 means that this location could not be found. Did you create the path to the challenge file?

@what_is_lovechik 5 ай бұрын

How can I do the same for two domains? I have backend and frontend run in docker. Both will have different domains. Nginx will be used as proxy for both as well.

@programonaut-yt 5 ай бұрын

You have to add both to the config file and set up the certificate for both (using Certbot) :) I hope that helps!

@what_is_lovechik 5 ай бұрын

Ok I know how to setup nginx config file for both. But should I add two certbot containers for each app into compose file? Or how can I setup single certbot container for both.

@LuckyImposter Жыл бұрын

Hi there. What will happen if down and up the docker compose 6 times. I know certbot will generate ssl 5 times a day only??? Or doesn't matter?

@programonaut-yt Жыл бұрын

Hi there, this may cause problems, but why do you want to rerun certbot 6 times? You can also do docker compose up to rebuild a specific container, and that way not issuing a new certificate everytime. In addition, maybe have a look at caddy. Caddy takes care of a lot of the headaches for you immediately: kzfaq.info/get/bejne/gLZ5rdSSlp3JlIE.html

@LuckyImposter Жыл бұрын

@@programonaut-yt for example there is 6 Pull request to the github and there is auto deploy? It will hit docker compose? 6 times? This is the scenario. By the way new subscriber here nice content. 😁

@programonaut-yt Жыл бұрын

@@LuckyImposter Glad you like it and thank you :) In this case I would adjust your GitHub in a way that only the containers that change are rebuilt. You can do that by just lining up the container names after the docker-compose up -d command. Another thing you could do (also what I am doing) is to separate each project into their own compose file and having the nginx + certbot in their own file in the root of your projects.

@kalkiscript 2 ай бұрын

Im getting error like connection refused or 404 webroot something

@manavarora397 Ай бұрын

Have you find a solution?

@doncumentarian 5 ай бұрын

Larger font-size please for us laptop users

@jessewillems6465 2 ай бұрын

I have no idea what I'm doing wrong. I'm running a server with my docker containers on it locally on my network which I accessed via duck.dns and everything was working fine before running the certbot but after I ran the certbot I have an SSL certificate on the my site when I access it from my local network but it says the certificate is not valid. and no matter what I try I cannot access the nginx from my duck.dns even though I opened port 80 and 443 on my router.