4: Firing up the proxy
The 0.1 release used CADDY for local development, as of v0.2 we'll use NGINX for all environments.
|-- certs-available
| |-- dhparam.pem
| |-- local.cert.pem
| |-- local.key.pem
|-- certs-enabled
|-- nginx.conf
|-- nginxconfig.io
| |-- general.conf
| |-- proxy.conf
| |-- security.conf
|-- sites-available
| |-- es-connector.local.conf
|-- sites-enabled
The github repo has the complete setup for local development using the es-connector.local domain including an self-signed certificate. If you want to use another domain, just copy the es-connector.local.conf to a new file and make the modifications.
Creating your own local-dev certificate can be done using mkcert (OSX, Linux):
mkcert -install
mkdir -p certs
mkcert -cert-file certs/local.cert.pem -key-file certs/local.key.pem es-connector.local
Remember to copy the needed files from the certs-available/sites-available to certs-enabled/sites-enabled directories.
Logs
To use logrotation on the nginx logs we created a directory (/var/log/nginx) on the host system and mapped that using the docker compose file. That way the logs are easier accessible.
volumes:
- /var/log/nginx/:/var/log/nginx
Added logrotation config:
Use your favo editor to create: /etc/logrotate.d/nginx.logrotate
/var/log/nginx/*log {
daily
rotate 30
missingok
notifempty
sharedscripts
compress
delaycompress
postrotate
docker kill -s USR1 nginx >/dev/null 2>&1
endscript
}
Note: the docker kill -s USR1 nginx >/dev/null 2>&1 doesn't kill the nginx proces but forces a reload of the logs.
Just run docker compose up --build -d
When all containers are running, docker ps shows the running containers:
As you can see only ports 443 and 5601 (Kibana) are exposed on localhost. The other ports only within the Docker network.