This gist is based on another one but it's slightly restructured for better readability. Also docker-compose config is simplified and to avoid breaking changes the specific version (version 6) of Firefly is used.
- VPS/server with any modern OS that supports docker
- A domain name with A record pointed to this server
- Ports 80 and 443 allowed in firewall
First we will setup Nginx and ssl certs and next Firefly itself. We put nginx and firefly configs in separate folders to isolate private services, and because nginx can potentially be used to proxy other services. External nginx-proxy
network is created to connect Firefly and Nginx containers.
- Create
nginx-proxy
folder somewhere anddocker-compose.yml
file inside it, put the following into the file:
docker-compose.yml
version: '3.3'
services:
nginx-proxy:
image: nginxproxy/nginx-proxy:alpine
restart: always
ports:
- "80:80"
- "443:443"
volumes:
- ./current/public:/usr/share/nginx/html
- ./certs:/etc/nginx/certs:ro
- ./vhost:/etc/nginx/vhost.d
- /var/run/docker.sock:/tmp/docker.sock:ro
labels:
- "com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy=true"
letsencrypt:
image: jrcs/letsencrypt-nginx-proxy-companion
restart: always
environment:
NGINX_PROXY_CONTAINER: nginx-proxy
NGINX_DOCKER_GEN_CONTAINER: nginx-proxy
volumes:
- ./current/public:/usr/share/nginx/html
- ./certs:/etc/nginx/certs:rw
- ./vhost:/etc/nginx/vhost.d
- /var/run/docker.sock:/var/run/docker.sock:ro
networks:
default:
external:
name: nginx-proxy
- Create an external network first and then start docker-compose
docker network create nginx-proxy
docker-compose up -d
- Create
firefly-iii
folder next tonginx-proxy
one anddocker-compose.yml
file inside it. Put the following into the file This configuration is based on the offical example, you might also want to check it out.
docker-compose.yml
version: '3.3'
services:
app:
image: fireflyiii/core:version-6
hostname: app
container_name: firefly_iii_core
restart: always
volumes:
- firefly_iii_upload:/var/www/html/storage/upload
env_file: .env
networks:
- firefly_iii
- nginx-proxy
expose:
- 8080
depends_on:
- db
db:
image: mariadb
hostname: db
container_name: firefly_iii_db
restart: always
env_file: .db.env
networks:
- firefly_iii
volumes:
- firefly_iii_db:/var/lib/mysql
cron:
image: alpine
restart: always
container_name: firefly_iii_cron
command: sh -c "echo \"0 3 * * * wget -qO- http://app:8080/api/v1/cron/REPLACEME\" | crontab - && crond -f -L /dev/stdout"
networks:
- firefly_iii
volumes:
firefly_iii_upload:
firefly_iii_db:
networks:
firefly_iii:
driver: bridge
nginx-proxy:
external: true
- Create
.env
file in the same folder. It will contain firefly container's env vars. Copy/paste the contents from the official example: - Add the following to the file:
VIRTUAL_HOST=your_domain
VIRTUAL_PORT=8080
LETSENCRYPT_HOST=your_domain
LETSENCRYPT_EMAIL=your_domain_admin_email
-
Replace
your_domain
andyour_domain_admin_email
with the appropriate values. Please note, that these vars are required fornginx-proxy
andletsencrypt
. They are deliberately set on firefly container and not in the nginx config, because of the way hownginx-proxy
works. It uses docker api to analyze changes in another containers configuration, seachers for specific vars and creates configuration files automatically based on them. Similarly setting LETSENCRYPT_HOST and LETSENCRYPT_EMAIL vars on some container triggersletsencrypt
to download and setup ssl certs. -
Set
TRUSTED_PROXIES
var in.env
file to**
, it's required for using reverse proxies such as nginx. -
Change DEFAULT_LANGUAGE, DEFAULT_LOCALE and TZ vars if needed. Check the other vars in the file.
-
Follow the docs to setup database connection.
-
Setup cron jobs
-
You may also want to setup email notifications and backups
-
Start docker-compose
docker-compose up -d
- After that letsencrypt container should pick up your settings, issue and setup ssl certificates in nginx. Similarly nginx should start to proxy web clients. You may now go to https://your_domain and login to Firefly. If something is not working check out logs with
docker-compose logs
I want to run three application behind NGINX as a reverse proxy. Firefly III, PiHole and HomeAssistant. I've been trying it just with NGINX image and the other applications images, but I can't reach my goal.
Also, I want to run it just locally, in a local server, and I'll export the access to these applications through a VPN (Tailscale), so, I won't have a public domain, I just want to use virtual hosts that will work like domains for my local network and to the devices connected in my VPN.
Do you have some ideia whether is it possible using this approach with the
nginx-proxy
container?Thanks in advance