Avast WEBforum
Business Products => Avast Business => On-Premise Management Console & Clients => Topic started by: hakjun on September 18, 2019, 02:42:33 PM
-
To Sir or Madam
With reference to your guide to "https://hub.docker.com/r/avastsoftware/management-console/", we build done well. But we need more options that reverse proxy. So we was build nginx for docker. Unfortunately it doesn't work well.
The setting was as follows.
------------------------------------------------------------------------------------------------------
docker-compose.yml
------------------------------------------------------------------------------------------------------
version: '3'
services:
avast:
container_name: avast
restart: always
image: avastsoftware/management-console:6.0.14.951
ports:
- '9001:443'
- '8080:8080'
- '8090:8090'
links:
- db
environment:
HOST: ##
WEB_PORT: 443
DEVICE_PORT: 8080
AGENT_PORT: 8090
DB_HOST: db
DB_PORT: 5432
DB_USER: ##
DB_PASSWORD: ##
DB_NAME: on-premise
# Security
KEYSTORE_PASSWORD: ##
KEYSTORE_TYPE: JKS
KEYSTORE_PATH: "/opt/avast/on-premise/security/server.jks"
CLI_PRIVATE_KEY_PATH: "/opt/avast/on-premise/security/clicrt_rsa-key.prv.der"
CLI_PUBLIC_KEY_PATH: "/opt/avast/on-premise/security/clicrt_rsa-key.pub.der"
volumes:
- /opt/avast/logs:/opt/avast/on-premise/log
- /opt/avast/security:/opt/avast/on-premise/security
networks:
- backend
db:
image: avastsoftware/management-console-db:9.6.3.1
environment:
POSTGRES_USER: ##
POSTGRES_PASSWORD: ##
POSTGRES_DB: on-premise
volumes:
- /opt/avast/db:/var/lib/postgresql/data
networks:
- backend
nginx:
container_name: nginx
restart: always
image: 'nginx:latest'
ports:
- '80:80'
- '443:443'
volumes:
- '/opt/nginx/conf:/etc/nginx/conf.d'
- '/opt/nginx/logs:/var/log/nginx'
networks:
- backend
networks:
backend:
driver: bridge
------------------------------------------------------------------------------------------------------
------------------------------------------------------------------------------------------------------
nginx/conf/default.conf
------------------------------------------------------------------------------------------------------
upstream avast {
server avast;
}
server {
listen 80;
listen [::]:80;
server_name example.com www.example.com;
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
server_name example.com www.example.com;
location / {
try_files $uri $uri/ =404;
root /usr/share/nginx/html;
index index.html;
}
location /avast {
# rewrite ^/avast(.*)$ /$1 break;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For &proxy_add_x_forwarded_for;
proxy_redirect off;
proxy_pass http://avast;
}
ssl_certificate /etc/nginx/conf.d/certs/data-server-fisys.crt;
ssl_certificate_key /etc/nginx/conf.d/certs/data-server-fisys.key;
include /etc/nginx/conf.d/nginx_ssl.cert;
}
------------------------------------------------------------------------------------------------------
What should we do? Please send us the detailed solutions. We hope to hear from you soon.
Best Regards.