I'm having 2 docker containers running nginx. The first container acts as a reversed proxy which directs traffic to the second container. The second container is where the website files reside. The proxy container has port 80 and 443 exposed to public.
In the case of HTTPS, my intention is for the proxy container to direct the traffic to and let the nginx on the actual website's container to handle the SSL.
Through this, I hope that I can keep the nginx config file on the proxy container simpler and easier maintain as the SSL configurations are all set and handled by the nginx in the respective website's containers.
Here's the nginx config file of the proxy container:
upstream mywebsite {
server website-container;
}
server {
listen 80 default deferred;
listen 443 deferred;
server_name mywebsite.com www.mywebsite.com;
location / {
proxy_pass $scheme://mywebsite;
}
}
... other server blocks for other domains ...
And here's the nginx config file of the container website-container to which the proxy container will “proxy pass”:
server
{
listen 80;
server_name mywebsite.com;
return 301 https://www.mywebsite.com$request_uri;
}
server
{
listen 443;
listen [::]:443 ssl http2;
server_name mywebsite.com;
ssl_certificate /var/www/html/cert.pem;
ssl_certificate_key /var/www/html/key.pem;
root /var/www/html;
}
However, when I access the site through HTTPS, I'm always getting a connection refused error.
I've tried removing the redirection to HTTPS and it appears that the HTTP site is working. So the error must have something to do with HTTPS or port 443.
Is there anything wrong with my configuration file? How can I have the proxy container to hand over the HTTPS traffic to the nginx in the website's container, website-container?
