Dataedo on Docker with HTTPS

Marcin Gaweł - Dataedo Team Marcin Gaweł 25th May, 2023

This tutorial is a step-by-step guide to upgrade already runnnig Dataedo Portal on Docker to run over HTTPS. If you haven't installed Docker with Dataedo Portal running yet, please refer to this article.

Requirements:

  • Dataedo Portal runnning on Docker with latest image.
  • .pem certificate and private key for your website (if you don't have it you can create it for free with Certbot)

Setup process:

In your dataedo folder create the file nginx.conf and place the following in it (replace sampledomain.com with your domain name):

map $http_upgrade $connection_upgrade {
    default upgrade;
    '' close;
}

server {
    listen 80;
    server_name sampledomain.com;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    server_name sampledomain.com;

    ssl_certificate /etc/letsencrypt/live/sampledomain.com/cert.pem;
    ssl_certificate_key /etc/letsencrypt/live/sampledomain.com/privkey.pem;

    ssl_protocols TLSv1.2 TLSv1.3;

    add_header Strict-Transport-Security "max-age=31536000" always;
    add_header X-Content-Type-Options nosniff always;

    location / {
        root /usr/share/nginx/html;
        index index.html index.htm;
        try_files $uri $uri/ /index.html =404;
    }

    location = /api/api/auth/assertion-consumer {
        proxy_method POST;
        proxy_pass http://backend:44345/api/auth/assertion-consumer$is_args$args;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

    location /api/ {
        rewrite ^/api/(.*) /api/$1 break;
        proxy_pass http://backend:44345;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }

    location /notificationhub {
        proxy_pass http://backend:44345/notificationhub;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $connection_upgrade;
        proxy_set_header Host $host;
    }
     location /aidescriptionshub {
        proxy_pass http://backend:44345/aidescriptionshub;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $connection_upgrade;
        proxy_set_header Host $host;
    }
}

Edit docker-compose.yml and update the frontend service to look like the following (replace sampledomain.com with your domain name):

  frontend:
    image: dataedo/web_ui:stable
    restart: always
    ports:
      - "80:80"
      - "443:443"
    networks:
      - overlay
    depends_on:
      - backend
    env_file:
      - ./.env
    volumes:
      - ./nginx.conf:/etc/nginx/conf.d/default.conf
      - /etc/letsencrypt/live/sampledomain.com:/etc/letsencrypt/live/sampledomain.com
      - /etc/letsencrypt/archive/sampledomain.com:/etc/letsencrypt/archive/sampledomain.com

Update Docker Compose with:

docker compose up -d

All done, your Dataedo instance should be available via HTTPS now.

Found issue with this article? Comment below
Comments are only visible when the visitor has consented to statistics cookies. To see and add comments please accept statistics cookies.
0
There are no comments. Click here to write the first comment.