TransWikia.com

qgis-server docker behind reverse proxy

Geographic Information Systems Asked by meulth on July 4, 2021

we want to use qgis-server within docker behind a reverse proxy.
now qgis-server is running and the get-capabilities works.

the problem is the host, which is given us by the get-capabilities. we get the host and the port from the container and not the host:port which we need for the get map command. i.e.: http://qgis-server.com:8080 is what we have in the get capabilities, but we need: https://qgis-server.com

now there is an option to set the port within qgis-server: https://github.com/qgis/QGIS/blob/master/src/server/qgsfcgiserverrequest.cpp#L48 but this works only if there is not allready a port in the url.

so is there a way to specify the host, port, and protocol of the front facing reverse proxy in a QGIS Server option that QGIS Server generates the appropriate XML?

thanks

dockerproxyqgisqgis server

One Answer

Use a docker-compose environment.

To simplify things, work on the same host as your QGIS server docker.

We will be using an off-the-shelf solution, provided by JWilder.

The nginxreverse-proxy will:

  • handle incoming https requests,
  • route the SSL verification to the nginx_proxy_companion container/service, and then
  • pass the underlying http data request to your QGIS server (qgis-server container/service).

nginx-gen is an auxiliary (but necessary) service, which upon bootstrap will take care of connecting (via vhost configuration files) nginx-web (your reverse proxying server) to any container presenting a VIRTUAL_HOST environment variable, in this case qgis-server.

Create a folder named for example qgis_reverse_proxy.

In it create a file named docker-compose.yml:

version: '3'
services:

  qgis-server:
    # Should use version with utf-8 locale support:
    image: qgis-server:latest
    volumes:
    - REPLACE_WITH_FULL_PATH/data:/data:ro
    environment:
    - LANG=en_EN.UTF-8
    - QGIS_PROJECT_FILE=/data/osm.qgs
    - QGIS_SERVER_LOG_LEVEL=0  # INFO (log all requests)
    - DEBUG=1                  # display env before spawning QGIS Server
    - VIRTUAL_HOST=qgis-server.com
    - LETSENCRYPT_HOST=qgis-server.com
    - [email protected]

  nginx-web:
    image: nginx
    labels:
        com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy: "true"
    container_name: ${NGINX_WEB:-nginx-web}
    restart: always
    ports:
      - "${IP:-0.0.0.0}:${DOCKER_HTTP:-80}:80"
      - "${IP:-0.0.0.0}:${DOCKER_HTTPS:-443}:443"
    volumes:
      - ${NGINX_FILES_PATH:-./data}/conf.d:/etc/nginx/conf.d
      - ${NGINX_FILES_PATH:-./data}/vhost.d:/etc/nginx/vhost.d
      - ${NGINX_FILES_PATH:-./data}/html:/usr/share/nginx/html
      - ${NGINX_FILES_PATH:-./data}/certs:/etc/nginx/certs:ro
      - ${NGINX_FILES_PATH:-./data}/htpasswd:/etc/nginx/htpasswd:ro
    logging:
      driver: ${NGINX_WEB_LOG_DRIVER:-json-file}
      options:
        max-size: ${NGINX_WEB_LOG_MAX_SIZE:-4m}
        max-file: ${NGINX_WEB_LOG_MAX_FILE:-10}

  nginx-gen:
    image: jwilder/docker-gen
    command: -notify-sighup ${NGINX_WEB:-nginx-web} -watch -wait 5s:30s /etc/docker-gen/templates/nginx.tmpl /etc/nginx/conf.d/default.conf
    container_name: ${DOCKER_GEN:-nginx-gen}
    restart: always
    volumes:
      - ${NGINX_FILES_PATH:-./data}/conf.d:/etc/nginx/conf.d
      - ${NGINX_FILES_PATH:-./data}/vhost.d:/etc/nginx/vhost.d
      - ${NGINX_FILES_PATH:-./data}/html:/usr/share/nginx/html
      - ${NGINX_FILES_PATH:-./data}/certs:/etc/nginx/certs:ro
      - ${NGINX_FILES_PATH:-./data}/htpasswd:/etc/nginx/htpasswd:ro
      - /var/run/docker.sock:/tmp/docker.sock:ro
      - ./nginx.tmpl:/etc/docker-gen/templates/nginx.tmpl:ro
    logging:
      driver: ${NGINX_GEN_LOG_DRIVER:-json-file}
      options:
        max-size: ${NGINX_GEN_LOG_MAX_SIZE:-2m}
        max-file: ${NGINX_GEN_LOG_MAX_FILE:-10}

  nginx-letsencrypt:
    image: jrcs/letsencrypt-nginx-proxy-companion
    container_name: ${LETS_ENCRYPT:-nginx-letsencrypt}
    restart: always
    volumes:
      - ${NGINX_FILES_PATH:-./data}/conf.d:/etc/nginx/conf.d
      - ${NGINX_FILES_PATH:-./data}/vhost.d:/etc/nginx/vhost.d
      - ${NGINX_FILES_PATH:-./data}/html:/usr/share/nginx/html
      - ${NGINX_FILES_PATH:-./data}/certs:/etc/nginx/certs:rw
      - /var/run/docker.sock:/var/run/docker.sock:ro
    environment:
      NGINX_DOCKER_GEN_CONTAINER: ${DOCKER_GEN:-nginx-gen}
      NGINX_PROXY_CONTAINER: ${NGINX_WEB:-nginx-web}
    logging:
      driver: ${NGINX_LETSENCRYPT_LOG_DRIVER:-json-file}
      options:
        max-size: ${NGINX_LETSENCRYPT_LOG_MAX_SIZE:-2m}
        max-file: ${NGINX_LETSENCRYPT_LOG_MAX_FILE:-10}

networks:
  default:
    external:
      name: ${NETWORK:-webproxy}

Then fire it up and try connecting to https://qgis-server.com

Answered by RafDouglas on July 4, 2021

Add your own answers!

Ask a Question

Get help from others!

Recent Questions

Recent Answers

© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP