To expose CDT.cloud and make it accessible from any browser, I opted for the following stack:

  • NGINX as web server, configured for reverse proxying requests to CDT.cloud
  • LetsEncrypt to get free SSL certificates

Configuring NGINX and LetsEncrypt

To simplify this task I used NGINX with LetEncrypt proxy companion. I put the final configuration in a docker compose configuration file. To load the nginx environment:

docker-compose -f nginx-proxy-compose.yaml up -d

After that, I can manage the reverse proxy configuration at the level of the web application I want to expose, using environment variables.

Attaching CDT.cloud to nginx-proxy

I created an additional docker-compose configuration file for CDT.cloud, which looks like this:

version: '2.2'

services:
        ads-cloud:
                restart: always
                image: cdt-cloud-blueprint:latest
                environment:
                        - VIRTUAL_HOST=.ads.n-ri.co
                        - VIRTUAL_PORT=3000
                        - LETSENCRYPT_HOST=ads.n-ri.co
                networks:
                        - proxy-tier
networks:
        proxy-tier:
                external:
                        name: nginx-proxy

Noteworthy aspects of this configuration:

  • environment
    • VIRTUAL_HOST=.ads.n-ri.co: with this I am asking nginx-proxy to create a reverse proxy configuration to serve the domain *.ads.n-ri.co with the cdt blueprint application. Note the dot at the beginning of the pattern. That is necessary to serve any url in the form aaa.bbb.ads.n-ri.co, as explained in the NGINX server_name documentation.

DNS Configuration

The last thing to do is to enable Internet to correctly route all requests to the right IP address. I added the following two rows to my dns configuration.

ads                IN A 88.198.161.42
*.ads              IN CNAME ads

Note the use of a wildcard host name, necessary to route requests in the form aaa.bbb.ads..