{"id":19142709,"url":"https://github.com/jgaa/nginx-swarm-proxy","last_synced_at":"2025-09-10T23:33:33.121Z","repository":{"id":68076500,"uuid":"141470045","full_name":"jgaa/nginx-swarm-proxy","owner":"jgaa","description":"Docker container to use stock Nginx as an adaptable front-end for Docker Swarm services","archived":false,"fork":false,"pushed_at":"2018-07-19T06:02:34.000Z","size":8,"stargazers_count":1,"open_issues_count":0,"forks_count":1,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-01-03T15:32:14.443Z","etag":null,"topics":["docker-swarm","load-balancer","nginx","proxy"],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jgaa.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-07-18T17:47:46.000Z","updated_at":"2021-10-14T23:51:06.000Z","dependencies_parsed_at":null,"dependency_job_id":"d7f83bb0-ddae-49cd-a6c5-97cdb97361d3","html_url":"https://github.com/jgaa/nginx-swarm-proxy","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jgaa%2Fnginx-swarm-proxy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jgaa%2Fnginx-swarm-proxy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jgaa%2Fnginx-swarm-proxy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jgaa%2Fnginx-swarm-proxy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jgaa","download_url":"https://codeload.github.com/jgaa/nginx-swarm-proxy/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":240223850,"owners_count":19767654,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["docker-swarm","load-balancer","nginx","proxy"],"created_at":"2024-11-09T07:28:13.811Z","updated_at":"2025-02-22T19:22:48.532Z","avatar_url":"https://github.com/jgaa.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# Nginx for Docker Swarm Services\n\nThis is a stock Nginx container with a very simple configuration file that simply do a reverse proxy of any request to a Docker Swarm service. The service-name is part of the request-url.\n\nSay you have Docker Swarm service named *voldemort*, running on an overlay network named *api-internal*. If you start a service with this nginx image, using the same network, and give it a reachable port, it will forward your request to port 8080 on that service.\n\n# Background\n\nI wrote a Docker Swarm service that will be deployed in large numbers, using unique names (thousands of service-names for the same Docker image, just with a some individual configuration). When I looked for a simple way to expose them to the micro-services that will use them, (no containers, no Swarm) I found nothing. I found projects that tried to configure nginx, [HAProxy](http://www.haproxy.org/) and other load balancers via REST, or automatically when services were added or removed. But nothing - simple - nothing that just works out of the box. So I discussed the problem with a friend, and after some feedback from him, and some more research, I came up with this solution.\n\nBasically, we just suck the service-name (which is a dns entry in the overlay network) out of the url, assign it to a variable, and do a reverse proxy operation to whatever is in that variable.\n\n```\n    location ~ ^/proxy/(?\u003csite\u003e[^/]+)/? {\n        rewrite ^.*\\/proxy\\/(?\u003csite\u003e[^\\/]+)\\/?(.*) /$2 break;\n        proxy_pass http://$site:8080;\n    }\n```\n\nIn this case the service is running on port 8080, so we forward to that port.\n\n# A simple example\n\nIn this example I run commands on a node in a Swarm.\n```sh\n$ docker network create  --driver overlay api-internal\ns8rzqedokarlg5hywv9isyku1\n\n$ docker service create --name voldemort -e SERVICE_NAME=Voldemort --network api-internal --replicas 4 jgaafromnorth/rest-diag-svc\n7og8izi0cu1k276vxeqn24bfw\noverall progress: 4 out of 4 tasks\n1/4: running   [==================================================\u003e]\n2/4: running   [==================================================\u003e]\n3/4: running   [==================================================\u003e]\n4/4: running   [==================================================\u003e]\n\n$ docker service create --name proxy -p 80:80 --network api-internal --replicas 2 jgaafromnorth/nginx-swarm-proxy\n\noverall progress: 2 out of 2 tasks\n1/2: running   [==================================================\u003e]\n2/2: running   [==================================================\u003e]\nverify: Service converged\n\n$ docker service ls\nID                  NAME                MODE                REPLICAS            IMAGE                                    PORTS\noz71x1igkwkz        proxy               replicated          2/2                 jgaafromnorth/nginx-swarm-proxy:latest   *:80-\u003e80/tcp\n7og8izi0cu1k        voldemort           replicated          4/4                 jgaafromnorth/rest-diag-svc:latest\n\n```\n\nAnd now, let's send a query to voldemort, via the proxy\n\n```sh\n$ curl \"http://127.0.0.1/proxy/voldemort/search/adversaries?first_name=Harry\u0026last_name=Potter\"\n```\n\nThe response in my case, using an image for *voldemort* that just returns diagnostics data:\n\n```json\n{\n    \"service\": \"Voldemort\",\n    \"host\": \"545e96dc95ad\",\n    \"request\": \"/search/adversaries?first_name=Harry\u0026last_name=Potter\",\n    \"method\": \"GET\",\n    \"headers\": {\n        \"x-forwarded-for\": \"10.255.0.2\",\n        \"host\": \"127.0.0.1/proxy/voldemort\",\n        \"x-forwarded-proto\": \"http\",\n        \"connection\": \"close\",\n        \"user-agent\": \"curl/7.54.1\",\n        \"accept\": \"*/*\"\n    },\n    \"from\": \"::ffff:10.0.0.58\"\n}\n```\n\n# Prebuilt image\n\nAn image built from this project's Dockerfile is available from [Docker Hub](https://hub.docker.com/r/jgaafromnorth/nginx-swarm-proxy/)\n\n```sh\n$ docker pull jgaafromnorth/nginx-swarm-proxy\n```\n\n# A word of Caution!\n\nMy use-case is for services and consumers that run inside a secure environment. The proxies are not receiving any requests from Internet, or even from corporate networks, except for the servers that will consume them. If you deploy this thing in an insecure environment, make sure to harden it so you don't open up an anonymous proxy-server to the Internet (or to your internal network).\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjgaa%2Fnginx-swarm-proxy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjgaa%2Fnginx-swarm-proxy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjgaa%2Fnginx-swarm-proxy/lists"}