Go to file

Joachim Lusiardi 973abaeb23 Required Domains extracted at startup

The required domains are now extracted at startup of the
container via the docker socket. A certificate that contains all
domains as common or alternative name is generated and used.

2016-04-08 06:46:00 +02:00

.gitignore

Initial commit

2016-04-03 09:08:55 +02:00

Dockerfile

add code to extract all resolving domains from the containers

2016-04-07 08:03:13 +02:00

haproxy_ssl.conf

First semiworking iteration

2016-04-06 20:26:08 +02:00

haproxy.conf

First semiworking iteration

2016-04-06 20:26:08 +02:00

letencrypt.conf

First semiworking iteration

2016-04-06 20:26:08 +02:00

list_domains.py

Required Domains extracted at startup

2016-04-08 06:46:00 +02:00

NOTES

add code to extract all resolving domains from the containers

2016-04-07 08:03:13 +02:00

README.md

Initial commit

2016-04-03 09:08:55 +02:00

start.py

Required Domains extracted at startup

2016-04-08 06:46:00 +02:00

README.md

SSL Termination using haproxy

This image translates between plain http and https using haproxy.

How it works

       +---------------------+         +--------+
   +---+                     |      +--+        |
-->|443| docker_ssl_endpoint |<---->|80| target |
   +---+                     |      +--+        |
       +----------+----------+         +--------+
                  |
                  |
            +-----+-----+
            | cert data |
            +-----------+

The docker_ssl_endpoint Container listens on port 443 (expose this port for public) availability. All secure connections coming in on this port are handled using the certificates form the cert data volume and passed on to the target container's port 80.

Starting the container

docker run --name ssl_endpoint -v $PATH_TO_CERT_DATA:/data -p $IP:443:443 d --link nginx:target docker_ssl_endpoint