How to setup several websites on the same server using containers

In this tutorial we are going to set up two websites (with different subdomains) on the same server using containers and proxys.

Table of Contents

• Explaining setup
• Steps
  • Folder structure on the host
  • Add files
  • Run the containers
  • Apache config
  • DNS
  • Adding TLS (HTTPS)
• PHP

Explaining setup

• 2 nginx containers named ‘c1’ and ‘c2’. I will use podman as my container manager, but you can use docker.
• 2 subdomains, one for each website: c1.rs1.es, c2.rs1.es.
• An Apache web server (on the host) which will act as a proxy to the containers.

Steps

Folder structure on the host

Create two folders, ‘c1’ and ‘c2’. Inside each folder, add another two folders: ‘conf’ and ‘html’.

Add files

Add HTML files on ‘html’ folder.

Create an nginx config file on ‘conf’ folder (on ‘c1’ and ‘c2’), called ‘default.conf’. Add this content:

server {
listen       80;
server_name  c1.rs1.es;

location / {
    root   /usr/share/nginx/html;
    index  index.html index.htm;
}

• Change server name on each config file.

‘c1’ folder (and ‘c2’) will look like this:

$ ls -R c1
c1:
config  html

c1/config:
default.conf

c1/html:
index.html

Run the containers

Create first container (remember to change local folder path, use full paths):

podman run -d --name c1 -p 8081:80 -v /home/admin/c1/config:/etc/nginx/conf.d -v /home/admin/c1/html:/usr/share/nginx/html docker.io/library/nginx

• In docker, you can just type nginx instead of docker.io/library/nginx.

Create second container:

podman run -d --name c2 -p 8082:80 -v /home/admin/c2/config:/etc/nginx/conf.d -v /home/admin/c2/html:/usr/share/nginx/html docker.io/library/nginx

Apache config

Ensure port 80 is open on host server firewall. Install Apache if it’s not already installed.

Add new VirtualHosts on apache (/etc/apache2/sites-available/containers.conf):

<VirtualHost *:80>
    ServerName c1.rs1.es
    ProxyPass / http://127.0.0.1:8081/
    ProxyPassReverse / http://127.0.0.1:8081/
</VirtualHost>
<VirtualHost *:80>
    ServerName c2.rs1.es
    ProxyPass / http://127.0.0.1:8082/
    ProxyPassReverse / http://127.0.0.1:8082/
</VirtualHost>

Remove default apache config if exists:

sudo a2dissite 000-default.conf

Enable proxy module and new config:

sudo a2enmod proxy_http
sudo a2ensite containers.conf
sudo systemctl restart apache2

If you want to add IP restrictions, do it in the host file, because containers don’t see the client IP, only the proxy one.

DNS

Add DNS records on your DNS provider (‘A’ record that points to the same server public IP).

Adding TLS (HTTPS)

First, ensure port 443 is open on your server firewall. Then, install python3-certbot-apache on your host. After installation, run sudo certbot --apache certonly and answer the questions to create certificates for each website:

Add new VirtualHosts on etc/apache2/sites-available/containers.conf:

<VirtualHost *:443>
  ServerName c1.rs1.es
  ProxyPass / http://127.0.0.1:8081/
  ProxyPassReverse / http://127.0.0.1:8081/
  SSLEngine on
  SSLCertificateFile /etc/letsencrypt/live/c1.rs1.es/fullchain.pem
  SSLCertificateKeyFile /etc/letsencrypt/live/c1.rs1.es/privkey.pem
</VirtualHost>
<VirtualHost *:443>
  ServerName c2.rs1.es
  ProxyPass / http://127.0.0.1:8082/
  ProxyPassReverse / http://127.0.0.1:8082/
  SSLEngine on
  SSLCertificateFile /etc/letsencrypt/live/c2.rs1.es/fullchain.pem
  SSLCertificateKeyFile /etc/letsencrypt/live/c2.rs1.es/privkey.pem
</VirtualHost>

Enable SSL Apache module and restart Apache:

sudo a2enmod ssl

sudo systemctl restart apache2

And that’s it, you can go to https://<your domain> and you will have a valid TLS certificate. You can change HTTP VirtualHosts to redirect to HTTPS (remember to enable rewrite Apache module):

<VirtualHost *:80>
  ServerName c1.rs1.es
  RewriteEngine On
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [NE,R=301]
</VirtualHost>

PHP

To run PHP websites, you can use PHP containers instead of Nginx ones. They are Apache+PHP containers, not Nginx+PHP, so use Apache config files:

Apache config for one container (c1/configApache/000-default.conf):

<VirtualHost *:80>
  ServerName c1.rs1.es
  DocumentRoot /var/www/html
</VirtualHost>

Run a container:

podman run -d --name c1 -p 8081:80 -v /home/admin/c1/configApache:/etc/apache2/sites-available -v /home/admin/c1/html:/var/www/html docker.io/library/php:8.1-apache-buster

If you have any suggestion, feel free to contact me via social media or email.