Dismiss Notice
We would like to remind you that we’re updating our login process for all 3CX forums whereby you will be able to login with the same credentials you use for the Partner or Customer Portal. Click here to read more.

3CX in Docker container behind nginx-proxy with letsencrypt

Discussion in '3CX Phone System - General' started by Bret Gordon, Sep 7, 2017.

Tags:
Thread Status:
Not open for further replies.
  1. Bret Gordon

    Joined:
    Jun 16, 2017
    Messages:
    24
    Likes Received:
    3
    Has anyone tried this? I've searched around, but I haven't found anything.

    It should be fairly straightforward to set up a Dockerfile that pulls from Debian 8 and loads up 3CX, so the real challenge will be setting up the nginx reverse-proxy. I'll start playing around with it, but any suggestions are greatly appreciated.

    If anyone has 3CX running behind an nginx reverse-proxy, I would LOVE to see your config!

    I'll post a docker-compose.yml file here if/when I ever get this going properly. :)

    For starters, here's my standard docker-compose.yml for nginx-proxy/letsencrypt. Note that there is no "networks" config -- it will create "nginx_default" (i put it in a folder named "nginx") that you attach other containers to behind it:

    Code:
    version: '2'
    
    services:
      nginx-proxy:
        image: jwilder/nginx-proxy
        container_name: nginx-proxy
        ports:
          - "80:80"
          - "443:443"
        volumes:
          - ./vhost.d:/etc/nginx/vhost.d
          - /usr/share/nginx/html
          - ./certs:/etc/nginx/certs:ro
          - ./conf.d/:/etc/nginx/conf.d
          - /var/run/docker.sock:/tmp/docker.sock:ro
        restart: always
    
      letsencrypt-nginx-proxy-companion:
        image: jrcs/letsencrypt-nginx-proxy-companion
        container_name: letsencrypt-nginx-proxy-companion
        volumes_from:
          - nginx-proxy
        volumes:
          - /var/run/docker.sock:/var/run/docker.sock:ro
          - ./certs:/etc/nginx/certs:rw
        restart: always
    
    For example, a Wordpress container connected to the proxy:

    Code:
    version: '2'
    
    services:
      db-wordpress:
        image: mysql:5.7
        container_name: db-wordpress
        volumes:
          - ./db-wordpress:/var/lib/mysql
        environment:
          - MYSQL_ROOT_PASSWORD=wordpress
          - MYSQL_DATABASE=wordpress
          - MYSQL_USER=wordpress
          - MYSQL_PASSWORD=wordpress
        networks:
          - proxy-tier
        restart: always
    
      wordpress:
        depends_on:
          - db-wordpress
        image: wordpress
        container_name: wordpress
        volumes:
          - ./html:/var/www/html
        environment:
          - WORDPRESS_DB_HOST=db-wordpress:3306
          - WORDPRESS_DB_PASSWORD=wordpress
          - WORDPRESS_DB_USER=wordpress
          - VIRTUAL_HOST=example.com,www.example.com
          - LETSENCRYPT_HOST=example.com,www.example.com
          - LETSENCRYPT_EMAIL=admin@example.com
        networks:
          - proxy-tier
        restart: always
    
    networks:
      proxy-tier:
        external:
          name: nginx_default
    

    There REALLY shouldn't be any reason why this won't work! Like I said, I think it is just a matter of getting a proper reverse-proxy config file set up.
     
  2. Bret Gordon

    Joined:
    Jun 16, 2017
    Messages:
    24
    Likes Received:
    3
    NOBODY??? Guess I have to do everything myself, lol :rolleyes:
     
  3. eits

    Joined:
    Sep 18, 2017
    Messages:
    2
    Likes Received:
    0
    hi bret, any success so far? i got that question from a future customer today...
     
  4. Bret Gordon

    Joined:
    Jun 16, 2017
    Messages:
    24
    Likes Received:
    3
    I haven't had a chance to get into it yet, unfortunately. I just bought a refurb R900 where it will eventually live, but I'm having issues with the CPU's overheating and a stick of bad RAM somewhere. So I need to take care of that first.

    Like I said, though, the trick is going to be in the proxy config, so I'll start looking to see how people might be doing it with other PBX's and go from there. I really don't see any reason why it wouldn't work.
     
Thread Status:
Not open for further replies.