This is a brief description of my local testing of running my Ansible role that I created here.
That role installs Caddy, then manages /etc/hosts and the Caddyfile to allow using local domains for websites for local development (instead of localhost:8080
, for instance).
Reverse Proxying Docker Services
I thought maybe Docker would do some funny stuff that would prevent me from reverse proxying services running in Docker containers, but this is not the case.
I ran my role as described in this article to reverse proxy Jenkins and GitLab running in Docker containers.
The Docker compose file is similar to this:
version: '3'
services:
jenkins:
container_name: jenkins
image: jenkins-ansible
build:
context: jenkins_ansible
ports:
- "8090:8080"
volumes:
- "$PWD/jenkins_home:/var/jenkins_home"
networks:
- net
git:
container_name: git_server
image: 'gitlab/gitlab-ee:latest'
hostname: 'gitlab.example.com'
ports:
- '8093:80'
volumes:
- '$PWD/gitlab/config:/etc/gitlab'
- '$PWD/gitlab/logs:/var/log/gitlab'
- '$PWD/gitlab/data:/var/opt/gitlab'
shm_size: '256m'
networks:
- net
networks:
net:
Note that the local ports need to match the reverse proxy sections in the Caddyfile!
To do that, the configuration in my Ansible role looks like this:
dns_and_reverse_proxies:
- { domain: "jenkins.lcl", present: true, caddy_served: true, port: 8090, ssl: false }
- { domain: "gitlab.lcl", present: true, caddy_served: true, port: 8093, ssl: false }
Both services are run without SSL. This is just a local testing playground.
What doesn’t work?
While I tested a few services that worked fine, not everything did: I also run a Syncthing server locally. As part of the security check, it checks to make sure that it’s running on the local machine. This does not work out of the box with the reverse proxy.
I could work around this, but I don’t access the GUI that frequently, so it has a pretty low effort to reward ratio to make it work.