How to integrate Docker containers into VestaCp in less than 20 minutes and not die trying, with this simple guide. π
VestaCp or its new fork HestiaCP is based on the public exposure of each domain/site, using the same mechanisms for each of them.
Except those that use templates other than the default, and I'm going to talk about this in order to be able to "bridge" listening with a site that works within a Docker.
The default mechanism is to receive visits from nginx (if it is installed and activated on the site), and redirect it to apache. And this is the one in charge of processing the data with php or whatever language.
The quick way, or point-blank, is to configure the Apache virtual server from the console, so that it acts as a reverse proxy (after activating the proxy in Apache), and this directs the traffic to the public port of the dockerized site.
While this can be entertaining, it is not the best way to do it in VestaCp, nor will it be permanent.
Why?
Well, because when we restart VestaCp we will lose this custom configuration. (Because VestaCp rewrites the configuration files)
Solution, integrate Docker into VestaCp, using the nginx templates so that it creates the configurations according to the needs of each site.
If you don't know what docker is, go here: docker and docker-compose
The official VestaCp documentation is available at: https://vestacp.com/docs/ or https://docs.hestiacp.com/, but they don't explain how to create a template, they just mention it.
Very simple.
In /usr/local/vesta/data/templates/web/nginx
(in my case, since hestiaCp doesn't have vesta in the path, but it's almost the same)
Look at the appearance of the files.
For each template there are 2 files, one file with the extension «tpl», and another file with the extension «stpl»
These refer to the http and https connection template.
Let's go to the content of each one of them.
Tpl file:
server {
listen %ip%:%proxy_port%;
server_name %domain_idn% %alias_idn%;
include %home%/%user%/conf/web/%domain%/nginx.forcessl.conf*;
location / {
proxy_pass http://%ip%:[DOCKER-PORT];
location ~* ^.+\.(%proxy_extentions%)$ {
root %docroot%/[FOLDER-SITE];
access_log /var/log/%web_system%/domains/%domain%.log combined;
access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
expires max;
try_files $uri @fallback;
}
}
location /error/ {
alias %home%/%user%/web/%domain%/document_errors/;
}
location @fallback {
proxy_pass http://%ip%:[DOCKER-PORT];
}
location ~ /\.ht {return 404;}
location ~ /\.svn/ {return 404;}
location ~ /\.git/ {return 404;}
location ~ /\.hg/ {return 404;}
location ~ /\.bzr/ {return 404;}
include %home%/%user%/conf/web/%domain%/nginx.conf_*;
}
Stpl file:
server {
listen %ip%:%proxy_ssl_port% ssl http2;
server_name %domain_idn% %alias_idn%;
ssl_certificate %ssl_pem%;
ssl_certificate_key %ssl_key%;
ssl_stapling on;
ssl_stapling_verify on;
error_log /var/log/%web_system%/domains/%domain%.error.log error;
include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*;
location / {
proxy_pass http://%ip%:[DOCKER-PORT];
location ~* ^.+\.(%proxy_extentions%)$ {
root %sdocroot%/[FOLDER-SITE];
access_log /var/log/%web_system%/domains/%domain%.log combined;
access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
expires max;
try_files $uri @fallback;
}
}
location /error/ {
alias %home%/%user%/web/%domain%/document_errors/;
}
location @fallback {
proxy_pass http://%ip%:[DOCKER-PORT];
}
location ~ /\.ht {return 404;}
location ~ /\.svn/ {return 404;}
location ~ /\.git/ {return 404;}
location ~ /\.hg/ {return 404;}
location ~ /\.bzr/ {return 404;}
include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*;
}
include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*; }
In both files we have to change:
[DOCKER-PORT]: The port of our docker waiting for traffic
[FOLDER-SITE]: The web folder that VestaCp or HestiaCp has created
After this we restart the vestacp and nginx service.
And when returning to the VestaCP or HestiaCP control panel, when editing the site, in Nginx Template we should to see our new template in the list.
And since a picture is worth a thousand words, I'll end by attaching the image where we select the created template.
Where it says "Proxy Template".
When we select the template, we do not need to restart any service, because vestacp does it automatically.
Once this is done, the Domain traffic should be received by docker.
If not, we will have to check the docker instance and port, as well as its logs to verify the problem.
{ % get_add_id page_id 7 %}