{"id":20619742,"url":"https://github.com/twtrubiks/docker-letsencrypt-django-nginx-proxy-uwsgi-postgres","last_synced_at":"2025-04-15T12:02:14.526Z","repository":{"id":84518939,"uuid":"186140517","full_name":"twtrubiks/docker-letsencrypt-django-nginx-proxy-uwsgi-postgres","owner":"twtrubiks","description":"Docker + Letsencrypt + Django + Nginx-Proxy + uWSGI 教學","archived":false,"fork":false,"pushed_at":"2022-05-15T05:06:21.000Z","size":22,"stargazers_count":27,"open_issues_count":1,"forks_count":4,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-28T19:53:43.913Z","etag":null,"topics":["django","docker","https","letsencrypt","nginx","nginx-proxy","tutorial"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/twtrubiks.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-05-11T14:06:56.000Z","updated_at":"2023-12-22T11:37:45.000Z","dependencies_parsed_at":"2023-03-02T04:30:28.385Z","dependency_job_id":null,"html_url":"https://github.com/twtrubiks/docker-letsencrypt-django-nginx-proxy-uwsgi-postgres","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/twtrubiks%2Fdocker-letsencrypt-django-nginx-proxy-uwsgi-postgres","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/twtrubiks%2Fdocker-letsencrypt-django-nginx-proxy-uwsgi-postgres/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/twtrubiks%2Fdocker-letsencrypt-django-nginx-proxy-uwsgi-postgres/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/twtrubiks%2Fdocker-letsencrypt-django-nginx-proxy-uwsgi-postgres/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/twtrubiks","download_url":"https://codeload.github.com/twtrubiks/docker-letsencrypt-django-nginx-proxy-uwsgi-postgres/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":249067779,"owners_count":21207395,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["django","docker","https","letsencrypt","nginx","nginx-proxy","tutorial"],"created_at":"2024-11-16T12:12:24.036Z","updated_at":"2025-04-15T12:02:14.512Z","avatar_url":"https://github.com/twtrubiks.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# docker-letsencrypt-django-nginx-proxy-uwsgi-postgres\n\n這篇文章主要是要教大家如何透過 letsencrypt 完成 **https**:fire:\n\n建議閱讀這篇文章之前，先看過以下這篇文章，因為會使用這個範例的 repo。\n\n[Docker + Django + Nginx + uWSGI + Postgres 基本教學 - 從無到有](https://github.com/twtrubiks/docker-django-nginx-uwsgi-postgres-tutorial)\n\n* [Youtube Tutorial PART 1 - Docker + Letsencrypt + Django + Nginx-Proxy + uWSGI 實作教學](https://youtu.be/YaWnQz1vIFM)\n\n* [Youtube Tutorial PART 2 - Docker + Letsencrypt + Django + Nginx-Proxy + uWSGI 實作教學](https://youtu.be/733-HxAcD-8)\n\n## 說明\n\n使用別人的 image ( 站在巨人的肩膀上 :smile: )，以下兩個 repo，分別是\n\n[docker-letsencrypt-nginx-proxy-companion](https://github.com/JrCs/docker-letsencrypt-nginx-proxy-companion) 以及 [nginx-proxy](https://github.com/jwilder/nginx-proxy)。\n\n非常建議閱讀 ( 也可以玩玩看 )，裡面也有介紹整個原理以及功能，所以這邊\n\n不會再詳細介紹，因為文章內已經非常詳細了。\n\n提供直接可以 run 的 docker-compose 給大家。\n\n目標是在 [here](https://github.com/twtrubiks/docker-django-nginx-uwsgi-postgres-tutorial) 加上 https，這時候就需要搭配 nginx-proxy 以及 docker-letsencrypt-nginx-proxy-companion。\n\n### 方法一\n\n* [Youtube Tutorial PART 1 - Docker + Letsencrypt + Django + Nginx-Proxy + uWSGI 實作教學](https://youtu.be/YaWnQz1vIFM)\n\n提供兩種方法，一種是統一在同一個 docker-compose 內，詳細請參考 [method_1](method_1)。\n\n```yml\nversion: '3.5'\nservices:\n\n  nginx-proxy:\n    image: jwilder/nginx-proxy:alpine\n    restart: always\n    container_name: nginx-proxy\n    ports:\n      - \"80:80\"\n      - \"443:443\"\n    volumes:\n      - /var/run/docker.sock:/tmp/docker.sock:ro\n      - html:/usr/share/nginx/html\n      - dhparam:/etc/nginx/dhparam\n      - vhost:/etc/nginx/vhost.d\n      - certs:/etc/nginx/certs:ro\n      - ./custom_nginx.tmpl:/app/nginx.tmpl\n      - ./nginx_log:/var/log/nginx\n\n  nginx-proxy-letsencrypt:\n    image: jrcs/letsencrypt-nginx-proxy-companion\n    restart: always\n    depends_on:\n      - \"nginx-proxy\"\n    volumes:\n      - certs:/etc/nginx/certs\n      - vhost:/etc/nginx/vhost.d\n      - html:/usr/share/nginx/html\n      - /var/run/docker.sock:/var/run/docker.sock:ro\n    environment:\n      - ACME_CA_URI=https://acme-staging-v02.api.letsencrypt.org/directory\n      - NGINX_PROXY_CONTAINER=nginx-proxy\n      - DEFAULT_EMAIL=xxx@xxx.xxx\n\n  nginx:\n    container_name: nginx-container\n    build: ./nginx\n    restart: always\n    volumes:\n      - api_data:/docker_api\n      - ./log:/var/log/nginx\n    depends_on:\n      - api\n    environment:\n      - VIRTUAL_HOST=twtrubiks.com.tw\n      - VIRTUAL_NETWORK=nginx-proxy\n      - VIRTUAL_PORT=80\n      - LETSENCRYPT_HOST=twtrubiks.com.tw\n      - LETSENCRYPT_EMAIL=xxxx@gmail.com\n\n  ......\n```\n\n以下稍微說明一下，首先是 `ACME_CA_URI=https://acme-staging-v02.api.letsencrypt.org/directory`，\n\n這個的目的就是測試用 ( staging )，詳細以及一些限制可參考 [Staging Environment](https://letsencrypt.org/docs/staging-environment/)，\n\n建議可以先用這個測試，確認沒問題之後，再把它註解掉 ( 正式機 )。\n\n接下來說明，\n\n```yml\nenvironment:\n    - VIRTUAL_HOST=twtrubiks.com.tw\n    - VIRTUAL_NETWORK=nginx-proxy\n    - VIRTUAL_PORT=80\n    - LETSENCRYPT_HOST=twtrubiks.com.tw\n    - LETSENCRYPT_EMAIL=xxxx@gmail.com\n```\n\n這邊先假設你的主機 ip 是 123.456.789，請先去幫他加上一個 domain，例如，我今天的 domain 是 twtrubiks.com.tw，\n\n就把他分別設定到 VIRTUAL_HOST 以及 LETSENCRYPT_HOST，LETSENCRYPT_EMAIL 則填上自己的 e-mail.\n\n#### 將 nginx log 同步到本機\n\n如果想要把 nginx log 同步到本機, 直接加上 `./nginx_log:/var/log/nginx` 即可.\n\n如果想要修改 nginx log 的格式, 請直接到 [custom_nginx.tmpl](https://github.com/twtrubiks/docker-letsencrypt-django-nginx-proxy-uwsgi-postgres/blob/master/method_1/custom_nginx.tmpl) 底下修改,\n\n然後在 `docker-compose.yml` 加上,\n\n`- ./custom_nginx.tmpl:/app/nginx.tmpl` 即可.\n\n原始的 [nginx.tmpl](https://github.com/nginx-proxy/docker-gen/blob/main/templates/nginx.tmpl) 可到這裡查詢.\n\n#### nginx 設定 html\n\n修改 `my_nginx.conf` 加上一個位置, 並且指定你的 html 路徑\n\n```conf\nlocation /test {\n    root /usr/share/nginx/html;\n    index index.html;\n}\n```\n\n之後將你的 html 放入 `/usr/share/nginx/html/test` 即可,\n\n最後重啟 nginx, 瀏覽 `https://twtrubiks.com.tw/test/` 就會看到你的 html.\n\n#### 執行方法\n\n直接執行即可\n\n```cmd\ndocker-compose up\n```\n\n如果設定都正確，你可以點選 https://twtrubiks.com.tw 會正常 work。\n\n( 如果出現不安全，代表有問題 )\n\n### 方法二\n\n* [Youtube Tutorial PART 2 - Docker + Letsencrypt + Django + Nginx-Proxy + uWSGI 實作教學](https://youtu.be/733-HxAcD-8)\n\n另一種方式是分成兩個 docker-compose，其中一個 docker-compose 是 nginx-proxy 以及 docker-letsencrypt-nginx-proxy-companion，\n\n另一個 docker-compose 則是 [here](https://github.com/twtrubiks/docker-django-nginx-uwsgi-postgres-tutorial)。\n\n這邊你可能會問我，明明一個 docker-compose 能解決的事情，為什麼要拆成兩個 docker-compose:question:\n\n原因是這種方法比較有彈性，如果我今天要加新的 docker container ( 加到 docker-compose 內 )，\n\n可以直接另外寫一個 docker-compose，然後直接 run，nginx-proxy 以及 docker-letsencrypt-nginx-proxy-companion 會自動偵測\n\n到這些 container，這樣就不用把原本的先停止 ( docker-compose down )，也比較好管理，不會一堆東西都塞在一起。\n\n但這方法要多注意 networks 的部分，建議可先參考 [docker-compose networks 說明](https://github.com/twtrubiks/docker-tutorial#docker-compose-networks) 了解一下觀念。\n\n開始介紹，詳細請參考 [method_2](method_2)，裡面有兩個 docker-compose，\n\ndocker-compose-nginx-proxy.yml，主要是 nginx-proxy 以及 docker-letsencrypt-nginx-proxy-companion。\n\n```yml\nversion: '3.5'\nservices:\n\n  nginx-proxy:\n    image: jwilder/nginx-proxy:alpine\n    ......\n    networks:\n      - proxy\n\n\n  nginx-proxy-letsencrypt:\n    image: jrcs/letsencrypt-nginx-proxy-companion\n    ....\n    networks:\n      - proxy\n....\n\nnetworks:\n  proxy:\n    name: self-nginx-proxy\n```\n\n這邊要注意 `networks` 的部分，我自己建立的名稱為 self-nginx-proxy，如果其他 container 要連接，\n\n都設定為同一個 networks 即可 ( self-nginx-proxy )。\n\ndocker-compose.yml，主要是 Django + Nginx + uWSGI + Postgres。\n\n```yml\nversion: '3.5'\nservices:\n\n  nginx:\n    container_name: nginx-container\n    ...\n    networks:\n      - proxy\n    depends_on:\n      - api\n    environment:\n      - VIRTUAL_HOST=twtrubiks.com.tw\n      - VIRTUAL_NETWORK=nginx-proxy\n      - VIRTUAL_PORT=80\n      - LETSENCRYPT_HOST=twtrubiks.com.tw\n      - LETSENCRYPT_EMAIL=xxxx@gmail.com\n\n  api:\n    container_name: api-container\n    ....\n    networks:\n      - proxy\n    ...\n\n  ...\n\n...\n\nnetworks:\n  proxy:\n    external:\n      name: self-nginx-proxy\n```\n\n一樣注意 networks 的部分，這邊多了 `external`，代表說我要用外部的 networks，如果找不到會報錯。\n\n### 範例\n\n[example](example)\n\n#### 執行方法\n\n先執行\n\n```cmd\ndocker-compose -f docker-compose-nginx-proxy.yml up\n```\n\n( 這個方法是指定 docker-compose )\n\n再執行\n\n```cmd\ndocker-compose up\n```\n\n如果設定都正確，你可以點選 https://twtrubiks.com.tw 會正常 work。\n\n( 如果出現不安全，代表有問題 )\n\n## 補充：\n\n也可以進去 [docker-letsencrypt-nginx-proxy-companion](https://github.com/JrCs/docker-letsencrypt-nginx-proxy-companion) 的容器中，找到 start.sh，\n\n執行 `./start.sh` 測試 https。\n\nletsencrypt 的 challenge 有很多種方式，在這裡是使用 **HTTP-01 challenge**，其他\n\n的 challenge 方式可參考 [challenge-types](https://letsencrypt.org/zh-tw/docs/challenge-types/)。\n\n## 後記：\n\n之前剛好碰上要自己建立 https，上網研究了一番，最後選擇這個，也建議大家可以看一下\n\n原理，這篇也算是紀錄，以後需要 https，就直接拿這份 docker-compose 改一改即可。\n\n## Reference\n\n* [docker-letsencrypt-nginx-proxy-companion](https://github.com/JrCs/docker-letsencrypt-nginx-proxy-companion)\n* [nginx-proxy](https://github.com/jwilder/nginx-proxy)\n\n## Donation\n\n文章都是我自己研究內化後原創，如果有幫助到您，也想鼓勵我的話，歡迎請我喝一杯咖啡:laughing:\n\n![alt tag](https://i.imgur.com/LRct9xa.png)\n\n[贊助者付款](https://payment.opay.tw/Broadcaster/Donate/9E47FDEF85ABE383A0F5FC6A218606F8)\n\n## License\n\nMIT license\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftwtrubiks%2Fdocker-letsencrypt-django-nginx-proxy-uwsgi-postgres","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftwtrubiks%2Fdocker-letsencrypt-django-nginx-proxy-uwsgi-postgres","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftwtrubiks%2Fdocker-letsencrypt-django-nginx-proxy-uwsgi-postgres/lists"}