Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/robzhu/nginx-local-tunnel

A docker container that redirects incoming HTTP traffic to a local port for reverse SSH tunneling
https://github.com/robzhu/nginx-local-tunnel

docker letsencrypt lightsail nginx ssh webdevelopment

Last synced: 2 months ago
JSON representation

A docker container that redirects incoming HTTP traffic to a local port for reverse SSH tunneling

Host: GitHub
URL: https://github.com/robzhu/nginx-local-tunnel
Owner: robzhu
Created: 2019-08-02T19:35:46.000Z (over 5 years ago)
Default Branch: master
Last Pushed: 2022-12-11T01:21:02.000Z (about 2 years ago)
Last Synced: 2024-08-05T09:14:54.060Z (6 months ago)
Topics: docker, letsencrypt, lightsail, nginx, ssh, webdevelopment
Language: Dockerfile
Size: 648 KB
Stars: 22
Watchers: 4
Forks: 8
Open Issues: 6
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

awesome-network-stuff - **2**星

README

# nginx-local-tunnel

This container lets you access an app running on localhost from a remote URL with SSL termination. This is helpful for testing integrations that require SSL, such as PWAs, Alexa Skills, Github WebHooks, etc. If you've ever used ngrok or serveo, this is just like that but with a little more control.

![diagram](/diagram.png?raw=true "Diagram")

# Instructions

## 0. Launch a Host Instance

Launch an Ubuntu 18.04 Virtual Private Server using any provider and open port 80. On the server, [install docker](https://docs.docker.com/install/). Configure DNS to point your domain to your host server's IP.

## 1. Build the container image

```bash
git clone https://github.com/robzhu/nginx-local-tunnel
cd nginx-local-tunnel

docker build -t {DOCKERUSER}/dev-proxy . --build-arg ROOTPW={PASSWORD}

# launch the container
docker run -d -P 80:80 -p 2222:22 {DOCKERUSER}/dev-proxy
```

## 2. On your dev machine, create a reverse tunnel with SSH

```bash
# Ports explained:
# 3000 refers to the port that your app is running on localhost.
# 2222 is the forwarded port on the host that we use to directly SSH into the container.
# 80 is the default HTTP port, forwarded from the host
ssh -R :80:localhost:3000 -p 2222 [email protected]
```

## 3. Start the sample app on localhost

```bash
cd node-hello && npm i
nodemon main.js
```

Now you should be able to access your app from either http://localhost:3000 or http://YOURDOMAIN.com.

# SSL

On the server, launch [nginx-proxy](https://github.com/jwilder/nginx-proxy) and [docker-letsencrypt-nginx-proxy-companion](https://github.com/JrCs/docker-letsencrypt-nginx-proxy-companion), then launch your container, specifying the subdomain.

```bash
docker run --detach \
--name nginx-proxy \
--publish 80:80 \
--publish 443:443 \
--volume /etc/nginx/certs \
--volume /etc/nginx/vhost.d \
--volume /usr/share/nginx/html \
--volume /var/run/docker.sock:/tmp/docker.sock:ro \
jwilder/nginx-proxy

docker run --detach \
--name nginx-proxy-letsencrypt \
--volumes-from nginx-proxy \
--volume /var/run/docker.sock:/var/run/docker.sock:ro \
--env "DEFAULT_EMAIL={YOUREMAIL}" \
jrcs/letsencrypt-nginx-proxy-companion

docker run --detach \
--name dev-proxy \
--publish 2222:22 \
--env "VIRTUAL_HOST=dev.YOURDOMAIN.tld" \
--env "LETSENCRYPT_HOST=dev.YOURDOMAIN.tld" \
{DOCKERUSER}/dev-proxy

```

On your local dev machine:

```bash
ssh -NR :80:localhost:3000 -p 2222 [email protected]
# run something on localhost:3000
```

As long as you keep this SSH connection open, you'll able to access your app from either http://localhost:3000 or https://dev.YOURDOMAIN.tld. For additional security, you'll want to limit access to only a select set of IP addresses and origins.