-1

I am trying to set up a home lab with HTTPS using Nginx.

I have made the self signed certs and for this demo I am using the local domain production.local.

My docker compose file for homer is

services:
    homer:
        container_name: homer
        image: b4bz/homer:latest
        volumes:
          - './www/assets:/www/assets'
        environment:
          - INIT_ASSETS=0
          - PORT=8080
          - BASE_URL=/
        restart: unless-stopped
    
      nginx:
        image: nginx:latest
        container_name: nginx_container
        ports:
          - 80:80
        volumes:
          - './nginx.conf:/etc/nginx/nginx.conf'
          - './certs/:/etc/nginx/certs/'
        depends_on:
            - homer
        restart: unless-stopped

With an Nginx File

worker_processes 1;

events { 
    worker_connections 1024; 
}

http {
    sendfile on;
    include       mime.types;
    default_type  application/octet-stream;

    # Redirect all HTTP to HTTPS
    server {
        listen 80;
        server_name production.local;
        return 301 https://$host$request_uri;
    }

    # Main HTTPS server
    server {
        listen 443 ssl;
        server_name production.local;

        # SSL certificates
        ssl_certificate     /etc/nginx/certs/fullchain.pem;
        ssl_certificate_key /etc/nginx/certs/privkey.pem;

        ssl_protocols TLSv1.2 TLSv1.3;
        ssl_prefer_server_ciphers on;
        ssl_ciphers HIGH:!aNULL:!MD5;
        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;

        # -----------------------------
        # Homer Dashboard (root path)
        # -----------------------------
        location / {
            proxy_pass http://homer:8080;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;

            # Optional but recommended for apps behind reverse proxy
            proxy_redirect off;
        }
    }
}

When I then go to production.local in safari, I get the below but no resolution once it redirects to https.

172.18.0.1 - - [12/Nov/2025:22:07:16 +0000] "GET /?t=1762985236854 HTTP/1.1" 301 169 "http://production.local/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.15"

This is the non-https setup I had and this worked.

worker_processes 1;
events { worker_connections 1024; }
http {

    sendfile on;

    server {
        listen 80;
        location / {
            proxy_pass http://homer:8080;
        }

        proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
        }
    }
}

Support is appreciated. I've spent hours on this and no luck.

Improve this question
0

1 Answer 1

Reset to default
-1

The fix was quite simple. What you will notice is that I hadn't opened up the port 443 in docker so it was not being allowed through once the redirect happened.

Credit to: https with nginx and docker compose not working

services:
    homer:
        container_name: homer
        image: b4bz/homer:latest
        volumes:
          - './www/assets:/www/assets'
        environment:
          - INIT_ASSETS=0
          - PORT=8080
          - BASE_URL=/
        restart: unless-stopped
    
      nginx:
        image: nginx:latest
        container_name: nginx_container
        ports:
          - 80:80
          - 443:443 ****** -> This is the fix ******
        volumes:
          - './nginx.conf:/etc/nginx/nginx.conf'
          - './certs/:/etc/nginx/certs/'
        depends_on:
            - homer
        restart: unless-stopped
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.