pedroreinarojas.com
flag-english-language
flag-spanish-language

Integrate Docker Containers into VestaCp or HestiaCP

image-cover

How to integrate Docker containers into VestaCp in less than 20 minutes and not die trying, with this simple guide. πŸ˜€

VestaCp or its new fork HestiaCP is based on the public exposure of each domain/site, using the same mechanisms for each of them.
Except those that use templates other than the default, and I'm going to talk about this in order to be able to "bridge" listening with a site that works within a Docker.

The default mechanism is to receive visits from nginx (if it is installed and activated on the site), and redirect it to apache. And this is the one in charge of processing the data with php or whatever language.

The quick way, or point-blank, is to configure the Apache virtual server from the console, so that it acts as a reverse proxy (after activating the proxy in Apache), and this directs the traffic to the public port of the dockerized site.

While this can be entertaining, it is not the best way to do it in VestaCp, nor will it be permanent.
Why?
Well, because when we restart VestaCp we will lose this custom configuration. (Because VestaCp rewrites the configuration files)

Solution, integrate Docker into VestaCp, using the nginx templates so that it creates the configurations according to the needs of each site.

If you don't know what docker is, go here: docker and docker-compose

The official VestaCp documentation is available at: https://vestacp.com/docs/ or https://docs.hestiacp.com/, but they don't explain how to create a template, they just mention it.

Create the nginx template to use a docker container as a web traffic receiver

Very simple.
In /usr/local/vesta/data/templates/web/nginx
(in my case, since hestiaCp doesn't have vesta in the path, but it's almost the same)

Look at the appearance of the files.
For each template there are 2 files, one file with the extension «tpl», and another file with the extension «stpl»
These refer to the http and https connection template.

Nginx template for a docker container
Nginx template for a docker container

Let's go to the content of each one of them.

Tpl file:

server {
    listen      %ip%:%proxy_port%;
    server_name %domain_idn% %alias_idn%;
        
    include %home%/%user%/conf/web/%domain%/nginx.forcessl.conf*;

    location / {
        proxy_pass      http://%ip%:[DOCKER-PORT];
        location ~* ^.+\.(%proxy_extentions%)$ {
            root           %docroot%/[FOLDER-SITE];
            access_log     /var/log/%web_system%/domains/%domain%.log combined;
            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
            expires        max;
            try_files      $uri @fallback;
        }
    }

    location /error/ {
        alias   %home%/%user%/web/%domain%/document_errors/;
    }

    location @fallback {
        proxy_pass      http://%ip%:[DOCKER-PORT];
    }

    location ~ /\.ht    {return 404;}
    location ~ /\.svn/  {return 404;}
    location ~ /\.git/  {return 404;}
    location ~ /\.hg/   {return 404;}
    location ~ /\.bzr/  {return 404;}

    include %home%/%user%/conf/web/%domain%/nginx.conf_*;
}

Stpl file:

server {
    listen      %ip%:%proxy_ssl_port% ssl http2;
    server_name %domain_idn% %alias_idn%;
    ssl_certificate      %ssl_pem%;
    ssl_certificate_key  %ssl_key%;
    ssl_stapling on;
    ssl_stapling_verify on;
    error_log  /var/log/%web_system%/domains/%domain%.error.log error;

    include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*;

    location / {
        proxy_pass      http://%ip%:[DOCKER-PORT];
        location ~* ^.+\.(%proxy_extentions%)$ {
            root           %sdocroot%/[FOLDER-SITE];
            access_log     /var/log/%web_system%/domains/%domain%.log combined;
            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
            expires        max;
            try_files      $uri @fallback;
        }
    }

    location /error/ {
        alias   %home%/%user%/web/%domain%/document_errors/;
    }

    location @fallback {
        proxy_pass      http://%ip%:[DOCKER-PORT];
    }

    location ~ /\.ht    {return 404;}
    location ~ /\.svn/  {return 404;}
    location ~ /\.git/  {return 404;}
    location ~ /\.hg/   {return 404;}
    location ~ /\.bzr/  {return 404;}

    include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*;
}

include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*; }

In both files we have to change:
[DOCKER-PORT]: The port of our docker waiting for traffic
[FOLDER-SITE]: The web folder that VestaCp or HestiaCp has created

After this we restart the vestacp and nginx service.
And when returning to the VestaCP or HestiaCP control panel, when editing the site, in Nginx Template we should to see our new template in the list.

Select the docker container template in Vestacp or Hestiacp

And since a picture is worth a thousand words, I'll end by attaching the image where we select the created template.
Where it says "Proxy Template".

Docker container template selection in
vestacp/hestiacp
Docker container template selection in vestacp/hestiacp

When we select the template, we do not need to restart any service, because vestacp does it automatically.

Once this is done, the Domain traffic should be received by docker.
If not, we will have to check the docker instance and port, as well as its logs to verify the problem.

{ % get_add_id page_id 7 %}

Document created by Pedro Reina Rojas
12 de April de 2020