How to configure a domain to a docker container and install an SSL certificate on AWS

Configure a domain to a docker container

This guide walks you through configuring a domain for a Docker container and installing an SSL certificate on AWS. You will learn how to provision an EC2 instance, install Docker, run a Docker container, install and configure Nginx, install SSL, and set up DNS records. The guide assumes that Docker is already installed on your system and that the DNS records of your domain are already set up; otherwise, watch the YouTube video provided for these steps or check out this article on how to install Docker on Linux.

Step 1: Run a docker container

Run a docker container of your intended web application. Replace the docker command below with your preferred tags and image.

docker run --name dtechweb -d -p8001:8000 dannywangari/dtechnologies:2.0.0

Step 2: Install Nginx webserver

Install Nginx webserver. This will serve as a reverse proxy for our domain name.

sudo apt update   #update package repository
sudo apt install nginx -y    #install Nginx

Step 3: Nginx Configuration To Configure a domain to a docker container

Set up the Nginx configurations to route traffic to the appropriate docker container.

sudo nano /etc/nginx/sites-available/dtechnologies.co.ke  #run this to open the nano editor. Replace dtechnologies.co.ke with your domain name. 
#Then add the following and save
server {
    listen 80;
    server_name dtechnologies.co.ke;

    location / {
        proxy_pass http://127.0.0.1:8001;  #this is the host port published for your container in Step 1. Replace it accordingly.
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
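
The -p8001:8000 flag in Step 1 publishes the container on every host interface, so the app is also reachable on port 8001 without TLS wherever the instance's firewall rules allow it, even though Nginx only needs 127.0.0.1:8001. The check below is an added example, not part of the original guide; the function name exposed_bindings and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the guide. Reads `docker port <container>` output on
# stdin and prints each published binding whose host address is not loopback.
# Live use: docker port dtechweb | exposed_bindings
exposed_bindings() {
    awk '
        # Lines look like "8000/tcp -> 0.0.0.0:8001" or "8000/tcp -> [::]:8001"
        $2 == "->" {
            host = $3
            sub(/:[0-9]+$/, "", host)     # drop the trailing :port
            sub(/^\[/, "", host)          # drop IPv6 brackets
            sub(/\]$/, "", host)
            if (host !~ /^127\./ && host != "::1")
                print $1 " published on " $3 " (reachable without Nginx/TLS)"
        }
    '
}

# Constructed sample: bindings created by -p8001:8000 as used in Step 1
ALL_IFACES='8000/tcp -> 0.0.0.0:8001
8000/tcp -> [::]:8001'
# Constructed sample: bindings created by -p 127.0.0.1:8001:8000,
# which still matches proxy_pass http://127.0.0.1:8001
LOOPBACK_ONLY='8000/tcp -> 127.0.0.1:8001'

printf '%s\n' "$ALL_IFACES" | exposed_bindings      # prints two findings
printf '%s\n' "$LOOPBACK_ONLY" | exposed_bindings   # prints nothing
```

If the check reports findings, recreate the container with the loopback form of the publish flag shown in the second sample.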

Step 4: Enable Nginx Sites

Create a symbolic link to the sites-enabled directory with the configurations created above. Run the command below. Replace the subdomain/domain as needed.

sudo ln -s /etc/nginx/sites-available/dtechnologies.co.ke /etc/nginx/sites-enabled/

Step 5: Test Nginx Configuration

It’s now time to test if the configurations used are correct. Run the command below. In case of errors, inspect the Nginx logs and fix them. If the test is successful, reload nginx.

sudo nginx -t
#if the test is ok, restart nginx
sudo systemctl restart nginx

Step 6: Install Certbot

Certbot automates the process of obtaining and renewing SSL certificates from Let’s Encrypt. Run the following commands to install it.

sudo apt update
sudo apt install certbot python3-certbot-nginx -y

Step 7: Obtain an SSL Certificate

Run the command below to provision an SSL certificate for your domain name. Certbot will automatically configure Nginx for the domain name. Replace the stated domain name with your domain name.

sudo certbot --nginx -d dtechnologies.co.ke   #follow the prompts

The command above performs the following tasks:

  1. Obtain a certificate from Let’s Encrypt.
  2. Modify your Nginx configuration to include the SSL settings.
  3. Set up automatic renewal for the certificate.

Step 8: Configure Nginx to Redirect HTTP to HTTPS

This step simply confirms that Certbot has already handled the configurations. Run the following to access the nginx settings for our domain name.

sudo nano /etc/nginx/sites-available/dtechnologies.co.ke

Check and confirm that the file now contains the SSL certificate directives and that the HTTPS redirect is enforced. See the sample:

server {
    server_name dtechnologies.co.ke;

    location / {
        proxy_pass http://127.0.0.1:8001;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/dtechnologies.co.ke/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/dtechnologies.co.ke/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
    if ($host = dtechnologies.co.ke) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    listen 80;
    server_name dtechnologies.co.ke;
    return 404; # managed by Certbot


}
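
The manual check in this step can be scripted. The following is an added example, not part of the original guide or of Certbot: a hypothetical audit_site function that parses the site file one server block at a time, with constructed sample configs mirroring the Step 3 and Step 8 layouts.

```shell
#!/bin/sh
# Added example, not from the guide: reads an Nginx site file on stdin and checks
# that TLS is configured and that plain HTTP only redirects.
# Live use: audit_site dtechnologies.co.ke < /etc/nginx/sites-available/dtechnologies.co.ke
audit_site() {
    awk -v domain="$1" '
        function bad(msg) { print "FAIL: " msg; fails++ }
        { sub(/#.*/, "") }  # ignore comments
        /^[ \t]*server[ \t]*[{]/ { in_srv = 1; depth = 0; l80 = l443 = proxy = redir = cert = 0 }
        in_srv {
            if ($0 ~ /listen[ \t]+80[ \t]*;/)       l80 = 1
            if ($0 ~ /listen[ \t]+443[ \t]+ssl/)    l443 = 1
            if ($0 ~ /proxy_pass[ \t]/)             proxy = 1
            if ($0 ~ /return[ \t]+301[ \t]+https:/) redir = 1
            if (index($0, "/etc/letsencrypt/live/" domain "/fullchain.pem")) cert = 1
            depth += gsub(/[{]/, "{") - gsub(/[}]/, "}")
            if (depth == 0) {           # this server block just closed
                if (l443) { tls++; if (!cert) bad("443 block lacks " domain " certificate") }
                if (l80 && !l443 && proxy)  bad("port 80 block still proxies plain HTTP")
                if (l80 && !l443 && !redir) bad("port 80 block has no 301 redirect to https")
                in_srv = 0
            }
        }
        END { if (!tls) bad("no listen 443 ssl block"); if (!fails) print "ok" }
    '
}

# Constructed samples mirroring the Step 3 and Step 8 layouts
STEP3_CONF='server {
    listen 80;
    server_name dtechnologies.co.ke;
    location / { proxy_pass http://127.0.0.1:8001; }
}'
STEP8_CONF='server {
    server_name dtechnologies.co.ke;
    location / { proxy_pass http://127.0.0.1:8001; }
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/dtechnologies.co.ke/fullchain.pem; # managed by Certbot
}
server {
    if ($host = dtechnologies.co.ke) {
        return 301 https://$host$request_uri;
    } # managed by Certbot
    listen 80;
    server_name dtechnologies.co.ke;
    return 404; # managed by Certbot
}'
printf '%s\n' "$STEP8_CONF" | audit_site dtechnologies.co.ke
printf '%s\n' "$STEP3_CONF" | audit_site dtechnologies.co.ke
```

The parser expects "server {" on one line and only recognises the IPv4 listen forms shown in this guide.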

Step 9: Test the Nginx Configurations

Test the current state of the Nginx config and fix errors if they exist. If there are no errors, restart the Nginx service and proceed to ensure that your domain works as needed.

sudo nginx -t
sudo systemctl restart nginx

Step 10: Set Up SSL Auto-Renewal

As previously mentioned, Certbot sets up automatic renewal of the SSL certificate. To confirm this, check the Certbot systemd timer by running the following command:

sudo systemctl status certbot.timer
#if the above shows that it's not active, run the following to activate it:
sudo systemctl enable certbot.timer
sudo systemctl start certbot.timer

In the worst-case scenario where the SSL certificate is not set to autorenew, you should create a cron job to handle the autorenewal. Run the following:

sudo crontab -e
#add the following:
0 0,12 * * * /usr/bin/certbot renew --quiet --renew-hook "systemctl reload nginx"
#This cron expression means "at minute 0 of hour 0 and 12 on every day of the month, and every day of the week." Essentially, it runs at midnight and noon every day. Save and exit!

#Run the following to verify the cron job
sudo crontab -l
