{"id":21957135,"url":"https://github.com/quanglv1996/secure-web-server-with-docker","last_synced_at":"2026-05-09T03:32:07.279Z","repository":{"id":207300203,"uuid":"718914295","full_name":"quanglv1996/secure-web-server-with-docker","owner":"quanglv1996","description":"The source code contains security installation instructions for a web server using SSL. Install a Web server on docker and use docker-compose to build application contianers.","archived":false,"fork":false,"pushed_at":"2023-11-15T03:46:13.000Z","size":3280,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-22T19:31:31.703Z","etag":null,"topics":["certbot-ssl","crontab","docker","docker-compose","nginx","ssl","web-server"],"latest_commit_sha":null,"homepage":"","language":"HTML","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/quanglv1996.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-11-15T03:30:58.000Z","updated_at":"2024-05-07T02:23:37.000Z","dependencies_parsed_at":null,"dependency_job_id":"753ca7bf-48b1-41e9-92f2-106e12e6f26a","html_url":"https://github.com/quanglv1996/secure-web-server-with-docker","commit_stats":null,"previous_names":["quanglv1996/secure-web-server"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/quanglv1996/secure-web-server-with-docker","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/quanglv1996%2Fsecure-web-server-with-docker","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/quanglv1996%2Fsecure-web-server-with-docker/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/quanglv1996%2Fsecure-web-server-with-docker/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/quanglv1996%2Fsecure-web-server-with-docker/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/quanglv1996","download_url":"https://codeload.github.com/quanglv1996/secure-web-server-with-docker/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/quanglv1996%2Fsecure-web-server-with-docker/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":278717432,"owners_count":26033539,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-07T02:00:06.786Z","response_time":59,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["certbot-ssl","crontab","docker","docker-compose","nginx","ssl","web-server"],"created_at":"2024-11-29T08:49:55.367Z","updated_at":"2025-10-07T03:41:35.925Z","avatar_url":"https://github.com/quanglv1996.png","language":"HTML","funding_links":[],"categories":[],"sub_categories":[],"readme":"\n# Secure Web Server With Docker\n\nThis Docker Compose project sets up a web server using Nginx and includes a Certbot service for managing SSL certificates. The web server serves content from the `public_html` directory and supports HTTPS.\n\n![Docker Logo](https://www.docker.com/sites/default/files/d8/styles/role_icon/public/2019-07/Docker-Logo-White-RGB_Vertical.png)\n\n## Prerequisites\n\nBefore you get started, ensure that you have Docker and Docker Compose installed on your system. You can install them following the official documentation:\n\n- [Docker Installation Guide](https://docs.docker.com/get-docker/)\n- [Docker Compose Installation Guide](https://docs.docker.com/compose/install/)\n\n## Installation\n\n1. Clone this repository to your local machine:\n\n    ```bash\n    git clone https://github.com/quanglv1996/Secure-Web-Server.git\n    ```\n\n2. Navigate to the project directory and using root user:\n\n    ```bash\n    cd Secure-Web-Server\n    sudo -i\n    ```\n\n3. Create `dhparam` folder and generate ssh key with openssl\n    ```bash\n    mkdir dhparam\n    cd dhparam/\n    openssl dhparam -out dhparam-2048.pem 2048\n    ```\n\n4. Create `conf.d` folder and create file config `default.conf`\n    ```bash\n    cd ..\n    mkdir conf.d\n    nano conf.d/default.conf\n    ```\n    Copy config below and paste to `default.conf`\n    ```python\n    server {\n      listen 80;\n      server_name yourdomain.com;\n      root /public_html/;\n\n      location ~ /.well-known/acme-challenge{\n          allow all;\n          root /usr/share/nginx/html/letsencrypt;\n      }\n    }\n    ```\n\n5. Start the Docker Compose services:\n\n   ```bash\n   docker-compose up -d\n   ```\n\n   This will launch the Nginx web server and the Certbot service.\n\n6. Re-fix `default.conf` file\n\n   ```python\n    server {\n      listen 80;\n      server_name yourdomain.com;\n      root /public_html/;\n\n      location ~ /.well-known/acme-challenge{\n          allow all;\n          root /usr/share/nginx/html/letsencrypt;\n        }\n          location / {\n          return 301 https://www.yourdomain.com$request_uri;\n        }\n    }\n    server {\n      listen 443 ssl http2;\n      server_name www.yourdomain.com;\n      root /public_html/;\n\n      ssl on;\n      server_tokens off;\n      ssl_certificate /etc/nginx/ssl/live/www.yourdomain.com/fullchain.pem;\n      ssl_certificate_key /etc/nginx/ssl/live/www.yourdomain.com/privkey.pem;\n      ssl_dhparam /etc/nginx/dhparam/dhparam-2048.pem;\n      \n      ssl_buffer_size 8k;\n      ssl_protocols TLSv1.2 TLSv1.1 TLSv1;\n      ssl_prefer_server_ciphers on;\n      ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;\n\n      location / {\n          index index.html;\n      }\n    }\n    ```\n   Certbot will request and install SSL certificates for your specified domain.\n7. Restart the Docker Compose services:\n\n   ```bash\n   docker-compose down\n   docker-compose up -d\n   ```\n   This will launch the Nginx web server and the Certbot service.\n  \n8. Set to start the service when the server is turned on.\n\n    \n    First, create a systemd unit file. Using a text editor, you can create a new file, for example my-docker-service.service:\n    ```bash\n    sudo nano /etc/systemd/system/my-docker-service.service\n    ```\n    In this file, you can define the systemd unit file for your Docker Compose service. Here is an example:\n    ```Python\n    [Unit]\n    Description=My Docker Compose Service\n    After=network.target\n\n    [Service]\n    ExecStart=docker-compose -f /path/to/your/docker-compose.yml up -d\n    WorkingDirectory=/path/to/your/docker-compose-directory\n    Restart=always\n    User=yourusername\n\n    [Install]\n    WantedBy=multi-user.target\n    ```\n    Update systemd: After you have created the systemd unit file, you need to update information about systemd services with the following command:\n    ```bash\n    sudo systemctl daemon-reload\n    ```\n    Turn on the service: Now, you can turn on the docker compose service and set it to automatically run when the computer starts with the following commands:\n    ```bash\n    sudo systemctl start my-docker-service\n    sudo systemctl enable my-docker-service\n    ```\n    Check service status: You can check the status of the service with the command:\n    ```bash\n    sudo systemctl status my-docker-service\n    ```\n\n9. Set to renew SSL certificate daily\n\n    Edit Crontab: Use crontab -e command to edit your crontab and add docker-compose run --rm certbot renew command to crontab. Make sure you specify its runtime. For example:\n    ```bash\n    nano crontab -e\n    ```\n    Add to `crontab`\n    ```bash\n    0 0 * * * docker-compose -f /path/to/your/docker-compose.yml run --rm certbot renew\n    ```\n    Reboot server\n    ```bash\n    sudo reboot\n    ```\n\n## Directory Structure\n\n- `public_html`: Place your web content here.\n- `conf.d`: Store Nginx configuration files.\n- `dhparam`: Directory for Diffie-Hellman parameters.\n- `certbot/conf`: Certbot configuration and SSL certificates.\n- `certbot/logs`: Certbot log files.\n- `certbot/data`: Certbot webroot directory.\n\n![Certbot Logo](https://certbot.eff.org/images/Certbot-Logo-3.svg)\n\n## License\n\nThis project is open-source and available under the [MIT License](LICENSE).\n```","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fquanglv1996%2Fsecure-web-server-with-docker","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fquanglv1996%2Fsecure-web-server-with-docker","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fquanglv1996%2Fsecure-web-server-with-docker/lists"}