f33 server
sudo dnf updatesudo dnf config-manager --add-repo https://download.docker.com/linux/fedora/docker-ce.repo
sudo dnf install docker-ce docker-ce-cli containerd.iosudo groupadd docker
sudo usermod -aG docker $USER
newgrp dockersudo curl -L "https://github.com/docker/compose/releases/download/1.28.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-composeif fails, with python lib access error:
sudo dnf updatesudo systemctl enable docker
sudo systemctl enable containerd
sudo systemctl start dockercd ~
mkdir www
cd www
vi docker-compose.ymlversion: "3.9"
services:
site1:
build:
context: ./site1/
ports:
- "8881:80"mkdir site1
cd site1
touch index.html
vi DockerfileFROM nginx:alpine
COPY . /usr/share/nginx/html
EXPOSE 80vi index.html<!DOCTYPE html>
<html lang="en" dir="ltr">
<head>
<meta charset="utf-8">
<title>site1</title>
</head>
<body>
<code>./site1</code>
</body>
</html>sudo dnf install nginxsudo systemctl enable nginxIn nginx.conf:
http {
upstream site1 {
server localhost:8881;
}
server {
location ^~ /site1/ {
proxy_pass http://site1/;
}
}
}
Later, configure nginxconfig.io to set up a more extendable set of rules with sites-enabled/available.
https://stackoverflow.com/questions/23948527/13-permission-denied-while-connecting-to-upstreamnginx
setsebool -P httpd_can_network_relay 1
https://www.nginx.com/blog/using-nginx-plus-with-selinux/#Issue-1:-Proxy-Connection-is-Forbidden
sudo dnf install -y setools policycoreutils-python-utils
I was using 8081 and up, but those are already defined:
semanage port -l | grep 8081
So, use 8881:
sudo semanage port -l | grep http_port_t
sudo semanage port -a -t http_port_t -p tcp 8881firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --reloadsudo systemctl start nginx
This runs it as root, so we maybe don't want to do that. For now, it's fine, because we need permission access to /var/log/nginx and /etc/letsencrypt