Author Topic: How to build reverse proxy using avast on premise console for docker  (Read 629 times)

0 Members and 1 Guest are viewing this topic.

Offline hakjun

  • Newbie
  • *
  • Posts: 1
To Sir or Madam

With reference to your guide to "https://hub.docker.com/r/avastsoftware/management-console/",  we build done well. But we need more options that reverse proxy. So we was build nginx for docker. Unfortunately it doesn't work well.
The setting was as follows.

------------------------------------------------------------------------------------------------------
docker-compose.yml
------------------------------------------------------------------------------------------------------
version: '3'
services:
  avast:
    container_name: avast
    restart: always
    image: avastsoftware/management-console:6.0.14.951
    ports:
      - '9001:443'
      - '8080:8080'
      - '8090:8090'
    links:
      - db
    environment:
      HOST: ##
      WEB_PORT: 443
      DEVICE_PORT: 8080
      AGENT_PORT: 8090
      DB_HOST: db
      DB_PORT: 5432
      DB_USER: ##
      DB_PASSWORD: ##
      DB_NAME: on-premise
      # Security
      KEYSTORE_PASSWORD: ##
      KEYSTORE_TYPE: JKS
      KEYSTORE_PATH: "/opt/avast/on-premise/security/server.jks"
      CLI_PRIVATE_KEY_PATH: "/opt/avast/on-premise/security/clicrt_rsa-key.prv.der"
      CLI_PUBLIC_KEY_PATH: "/opt/avast/on-premise/security/clicrt_rsa-key.pub.der"
    volumes:
      - /opt/avast/logs:/opt/avast/on-premise/log
      - /opt/avast/security:/opt/avast/on-premise/security
    networks:
      - backend
  db:
    image: avastsoftware/management-console-db:9.6.3.1
    environment:
      POSTGRES_USER: ##
      POSTGRES_PASSWORD: ##
      POSTGRES_DB: on-premise
    volumes:
      - /opt/avast/db:/var/lib/postgresql/data
    networks:
      - backend
  nginx:
    container_name: nginx
    restart: always
    image: 'nginx:latest'
    ports:
      - '80:80'
      - '443:443'
    volumes:
    - '/opt/nginx/conf:/etc/nginx/conf.d'
    - '/opt/nginx/logs:/var/log/nginx'
    networks:
      - backend

networks:
  backend:
    driver: bridge
------------------------------------------------------------------------------------------------------

------------------------------------------------------------------------------------------------------
nginx/conf/default.conf
------------------------------------------------------------------------------------------------------
upstream avast {
        server avast;
}

server {
        listen 80;
        listen [::]:80;
        server_name example.com www.example.com;

        location / {
                return 301 https://$host$request_uri;
        }
}

server {
        listen 443 ssl default_server;
        listen [::]:443 ssl default_server;
        server_name example.com www.example.com;

        location / {
                try_files $uri $uri/ =404;
                root /usr/share/nginx/html;
                index index.html;
        }

        location /avast {
#               rewrite ^/avast(.*)$ /$1 break;
                proxy_set_header Host $http_host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-Proto $scheme;
                proxy_set_header X-Forwarded-For &proxy_add_x_forwarded_for;

                proxy_redirect off;

                proxy_pass http://avast;
        }

        ssl_certificate /etc/nginx/conf.d/certs/data-server-fisys.crt;
        ssl_certificate_key /etc/nginx/conf.d/certs/data-server-fisys.key;
        include /etc/nginx/conf.d/nginx_ssl.cert;
}
------------------------------------------------------------------------------------------------------

What should we do? Please send us the detailed solutions. We hope to hear from you soon.

Best Regards.