A preconfigured Docker Cloud Stack for running EYC3 Services.
See this blog post for more detail.
See docker-cloud.yml for reference.
This stack provides the following:
- An optimised Nginx reverse proxy
- automated (creation and renewal) SSL/TLS encryption using Let's Encrypt
- which enables serving HTTP/2 for supported clients
A variant of the docker-gen project, supporting Docker Cloud, is used in conjunction with a
Nginx Alpine based image in the "Seperate Container Install"
configuration to provide the reverse proxying. The Alpine version of the official Nginx image allows the use of HTTP/2.
Unfortunately the jessie based image does not yet support HTTP/2 because of this issue.
Nginx is optimised for serving instances using the nginx-proxy-template image.
The docker-gen-docker-cloud image is used to watch for new services and automatically reload the Nginx proxy (by redeploying the Nginx Service) with the relevant Nginx server blocks configuration.
The docker-letsencrypt-nginx-proxy-companion image is used to allow automatic creation and renewal
of Let's Encrypt issued certificates for proxied instances. The docker-letsencrypt-nginx-proxy-companion-docker-cloud
image is a fork of docker-letsencrypt-nginx-proxy-companion
but with support for Docker Cloud.
By default the Let's Encrypt staging URI (ACME_CA_URI=https://acme-staging.api.letsencrypt.org/directory) is used.
This is to facilitate testing and to prevent unwanted rate limiting issues.
Please make sure to switch to the production URI, https://acme-v01.api.letsencrypt.org/directory, when needed (see docker-cloud.yml).
To build the docker-gen-docker-cloud and nginx-proxy-template images, use Docker Compose
with docker-compose build.