Secretium

English

Русский
简体中文
Español

English

Русский
简体中文
Español

Appearance

Configure Secretium with Nginx via Docker

This section will show you the minimum steps to configure Secretium to work with the Nginx web/proxy server via the nginx-proxy Docker image.

Limitations of this instruction

Before configuring the web/proxy server, the container with your Secretium instance must be up and running without errors. We will assume that the container is running with default settings, with container name secretium on port 8787.

What is nginx-proxy?

The nginx-proxy project sets up a container running Nginx and docker-gen, which generates reverse proxy configs for Nginx and reloads web/proxy server when containers are started and stopped.

Run Secretium container

To run the Secretium container with nginx-proxy, you need to edit your docker-compose.yaml file with the following content:

yaml
version: '3.8'

services:

  nginx-proxy: 
    image: 'nginxproxy/nginx-proxy:alpine'
    restart: unless-stopped
    ports: 
      - '80:80'
      - '443:443'
    volumes: 
      - /var/run/docker.sock:/tmp/docker.sock:ro
      - /etc/ssl/certs:/etc/nginx/certs

  secretium:
    image: 'secretium/secretium:latest'
    restart: unless-stopped
    expose:
      - '8787'
    environment:
      SECRET_KEY: /run/secrets/secretium_key
      MASTER_USERNAME: /run/secrets/secretium_master_username
      MASTER_PASSWORD: /run/secrets/secretium_master_password
      DOMAIN: /run/secrets/secretium_domain
      DOMAIN_SCHEMA: https
      SERVER_PORT: 8787
      SERVER_TIMEZONE: Europe/Moscow
      SERVER_READ_TIMEOUT: 5
      SERVER_WRITE_TIMEOUT: 10
      VIRTUAL_HOST: /run/secrets/secretium_domain
      VIRTUAL_PORT: 8787
    volumes:
      - ./secretium-data:/secretium-data
      - /etc/ssl/certs:/etc/ssl/certs:ro
    depends_on: 
      - nginx-proxy

secrets:
  secretium_key:
    file: secretium_key.txt
  secretium_master_username:
    file: secretium_master_username.txt
  secretium_master_password:
    file: secretium_master_password.txt
  secretium_domain:
    file: secretium_domain.txt

DANGER

The VIRTUAL_HOST environment variable must be the same as the DOMAIN and the VIRTUAL_PORT must be the same as the SERVER_PORT.

After editing the docker-compose.yaml file, run the Secretium container with nginx-proxy:

bash
docker-compose up -d

And now your Secretium container is up, running, and accessible over HTTPS.

Support IPv6

You can activate the IPv6 support for the nginx-proxy container by passing the value true to the ENABLE_IPV6 environment variable:

yaml
services:
  nginx-proxy:
    environment:
      ENABLE_IPV6: true

Secretium is 100% free and Open Source project under the Apache 2.0 license.
Official logo distributed under the Creative Commons License (CC BY-SA 4.0 International).

Copyright © 2023-present Vic Shóstak and the True Web Artisans team.