Hosting with free HTTPS in 5 minutes

Sun, Apr 1, 2018

Aim of this post is to create hosting for your web application (or blog or webpage or anything-what-hosting-is-for) with free SSL certificate, so your page can be accessed securely with HTTPS. Certificate creation and renewal is going to be fully automated and adding new website is as simple as adding another Docker container.

This solution uses Let’s Encrypt certificates and is based on Docker containers.

Most of the steps described here you can also find in evertramos/docker-compose-letsencrypt-nginx-proxy-companion GitHub repository and has been copied and slightly arranged for my needs.

What NOT to expect

This post is not describing how to set up LAMP/LLMP/WAMP nor how to properly set PHP, Java or any other language/technology for hosting. It also should not be treated as full guide to set production-ready, secured VPS server with hosting capabilities.

How does it work

This solution is a combination of few tools:

• Nginx - reverse proxy and TLS termination
• docker-gen - generate Nginx configuration based Docker information
• letsencrypt-nginx-proxy-companion - allows the creation/renewal of Let’s Encrypt certificates automatically

Prerequisites

• Linux server where you can install Docker e.g.:
  • VPS (e.g. Aruba Cloud from 1€/month) or
  • DigitalOcean droplet or
  • bare metal computer with internet access and (preferably) static public IP address.
• Domain name set up and pointing to your server.
• Docker installed on server (see Docker installation guide).
• Docker compose installed on server (see Docker compose installation guide)

Ready, set, go!

1. Clone Git repository:

    $ git clone https://github.com/evertramos/docker-compose-letsencrypt-nginx-proxy-companion.git
   

2. Make a copy of .env.sample and rename it to .env:

    $ cd docker-compose-letsencrypt-nginx-proxy-companion
    $ cp .env.sample .env
   

3. Edit .env and change lines:

   • IP=0.0.0.0 - put your public IP address (you can find by running curl v4.ifconfig.co)
   • NGINX_FILES_PATH=/path/to/your/nginx/data - path should point to some directory you have write access (e.g. /home/your-user/nginx)

4. Run script

    $ ./start.sh
   

5. Run your application in Docker.

   In this example this is simple static webpage. I am using httpd:alpine docker image to host this blog generated by Hugo.

    $ docker run -d -e VIRTUAL_HOST=your.domain.com \
          -e LETSENCRYPT_HOST=your.domain.com \
          -e LETSENCRYPT_EMAIL=your.email@your.domain.com \
          --network=webproxy \
          --name my_app \
          -v /path/to/files/on/host:/usr/local/apache2/htdocs/ \
          httpd:2.4
   

   If you want to host something more sophisticated, replace httpd:alpine Docker image (e.g. openjdk for Spring Boot application or php:apache for PHP application) and mount the resources as Docker volume accordingly.

6. Wait few minutes for your certificate to be generated and set up.

   Now you should be able to visit your application under https://your.domain.com.

Additional resources

• Learn how to secure your VPS