Web Server Deployment Using Nginx and Docker

Post Image

Before we start, there are definitely some prerequisites regarding this.

Prerequisites

An Ubuntu 20.04 server

  1. Firewall rules allowing ssh on port 22, HTTP on port 80 and HTTPS on port 443 access

  2. A static Public IP for the server

  3. Ability to SSH into the server

  4. A root password for the server as it will be needed in few steps

    • (If you use an Private Key (.pem file) to SSH into the server, SSH into the server and use sudo passwd <YOUR USERNAME> to create a new password)
  5. An Account on Docker Hub with a private repository created (You can use any registry, just look up the instructions to do docker login.

SSH Into the Server

Install Docker

1sudo apt update
2sudo apt install apt-transport-https ca-certificates curl software-properties-common
3curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
4sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable"
5sudo apt update

Update the package database for Docker and Make sure you are about to install from the Docker repo instead of the default Ubuntu repo

1apt-cache policy docker-ce

Finally install and check if Docker daemon is running

1sudo apt install docker-ce
2sudo systemctl status docker

Give docker command sudo privileges

1sudo usermod -aG docker ${USER}
2su - ${USER} # Password will be needed in this step

Confirm that you're in the docker group

1id -nG

References: DigitalOcean

Install Docker Compose

1sudo curl -L "https://github.com/docker/compose/releases/download/1.27.4/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
2sudo chmod +x /usr/local/bin/docker-compose
3docker-compose --version

References: DigitalOcean

Get access token from Docker Hub

  1. Login to Docker Hub

  2. Go to Account Settings

  3. Go to Security

  4. Click on New Access Token

  5. Give your token a name

  6. Generate new token and copy it somewhere safe and accessible and close the dialog box.

Login to Docker Hub

Login to Docker Hub on your server

1docker --login username <USERNAME> # Replace <USERNAME> with your Docker Hub username

Make the docker-compose.yml file

1cd ~
2touch docker-compose.yml
3nano docker-compose.yml

Paste the Following Do note that you can change the number of services according to your preference

1version: "3"
2
3services:
4 frontend:
5 image: dockerhubusername/webapp:frontend # Docker Image of Frontend App
6 container_name: frontend
7 ports:
8 - "8000:80" # Replace 80 with your container port
9
10 backend:
11 image: dockerhubusername/webapp:backend # Docker Image of Backend App
12 container_name: backend
13 ports:
14 - "9000:80" # Replace 80 with your container port

Setup Nginx

Install Nginx

1sudo apt update
2sudo apt install nginx

Start and Enable Nginx

1sudo systemctl start nginx
2sudo systemctl enable nginx

Edit conf file for basic http server

1sudo rm /etc/nginx/nginx.conf
2sudo touch /etc/nginx/nginx.conf
3sudo nano /etc/nginx/nginx.conf

Paste the following Configuration

Here also you've to keep the number of services in mind. If you're using only one container, remove the /api block

1worker_processes 1;
2
3events {
4 worker_connections 1024;
5}
6
7http {
8 client_max_body_size 10M; # Maximum size a request can have
9 server {
10 client_max_body_size 10M; # Configure both values according to your application
11
12 server_name subdomain.domain.com; # Domain name for the server
13
14 # Pass all /api calls to backend
15
16 location /api {
17 client_max_body_size 10M;
18 proxy_pass http://localhost:9000;
19 }
20
21 location / {
22 client_max_body_size 10M;
23 proxy_pass http://localhost:8000;
24 }
25 }
26}

Restart Nginx

1sudo systemctl restart nginx

Starting the HTTP Server

1docker-compose pull && docker-compose up -d

Setup your Domain

Enter the Public IP of your server in the DNS records of your Domain name as A Record, and your website should be up and running with HTTP on the domain.

Setting Up HTTPS and SSL with LetsEncrypt and CertBot

Install Prerequisites

1sudo snap install certbot

Install CertBot

1sudo certbot --nginx -d subdomain.domain.com

Enter all the follow up inputs required while generating certificate.

Test Automatic Renewal

1sudo certbot renew --dry-run

Confirm that HTTPS is active now

Go to the your domain in your browser, and click on the Padlock to verify that the certificate issued is by LetsEncrypt.

References: Certbot

Thank you for reaching at the end of the post. If you liked it, please share it among your network. If you found any errors/discrepenceies, you can contact me any time on my mail or fill the contact form on my Portfolio, and I'll get back to you.