├── data ├── cm │ └── .gitkeep ├── solr │ └── .gitkeep └── sql │ └── .gitkeep ├── .gitignore ├── .env ├── README.md └── docker-compose.yml /data/cm/.gitkeep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /data/solr/.gitkeep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /data/sql/.gitkeep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | data/**/* 2 | data/** 3 | !data/*/ 4 | !data/**/*/ 5 | !data/**/*/.gitkeep 6 | -------------------------------------------------------------------------------- /.env: -------------------------------------------------------------------------------- 1 | REGISTRY= 2 | WINDOWSSERVERCORE_VERSION=1909 3 | NANOSERVER_VERSION=1909 4 | SITECORE_VERSION=9.3.0 5 | SITECORE_LICENSE= 6 | SQL_SA_PASSWORD=8Tombs-Given-Clock#-arming-Alva-debut-Spine-monica-Normal-Ted-About1-chard-Easily-granddad-5Context! 7 | TELERIK_ENCRYPTION_KEY=qspJhcSmT5VQSfbZadFfzhCK6Ud7uRoS42Qcm8UofvVLiXciUBcUeZELsTo8KD9o6KderQr9Z8uZ9CHisFJNRz46WTZ5qCRufRFt -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Sitecore Docker HTTPS example using reverse proxy 2 | 3 | Demonstrates how to configure a reverse proxy ([Traefik](https://github.com/containous/traefik/) in this case) to handle SSL with a auto generated self-signed certificate on the frontend and proxy traffic to backend services using HTTP. 4 | 5 | ## Usage 6 | 7 | 1. Add (or edit) environment variables used so they match what Windows build your are running and which registry you are using. See [the .env file](.env). 8 | 1. Add `solr.sitecore-https.local` and `cm.sitecore-https.local` to your HOSTS file. 9 | 1. Run `docker-compose up` 10 | 11 | > IMPORTANT: The traefik service in docker-compose.yml is configured to use port 80 and 443, so if you got anything running using the same ports for example IIS, you need to shut it down (or stop the sites) or change the ports. 12 | -------------------------------------------------------------------------------- /docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "2.4" 2 | 3 | services: 4 | 5 | traefik: 6 | image: traefik:v2.1.4-windowsservercore-1809 7 | command: 8 | - "--api.insecure=true" 9 | - "--providers.docker.endpoint=npipe:////./pipe/docker_engine" 10 | - "--providers.docker.exposedByDefault=false" 11 | - "--entryPoints.web.address=:80" 12 | - "--entryPoints.websecure.address=:443" 13 | ports: 14 | - "80:80" 15 | - "443:443" 16 | - "8080:8080" 17 | volumes: 18 | - source: \\.\pipe\docker_engine 19 | target: \\.\pipe\docker_engine 20 | type: npipe 21 | depends_on: 22 | - solr 23 | - cm 24 | 25 | sql: 26 | image: ${REGISTRY}sitecore-xm-sqldev:${SITECORE_VERSION}-windowsservercore-${WINDOWSSERVERCORE_VERSION} 27 | volumes: 28 | - .\data\sql:C:\Data 29 | mem_limit: 2GB 30 | environment: 31 | SA_PASSWORD: ${SQL_SA_PASSWORD} 32 | ACCEPT_EULA: "Y" 33 | 34 | solr: 35 | image: ${REGISTRY}sitecore-xm-solr:${SITECORE_VERSION}-nanoserver-${NANOSERVER_VERSION} 36 | volumes: 37 | - .\data\solr:C:\Data 38 | mem_limit: 1GB 39 | environment: 40 | SOLR_LOG_LEVEL: INFO 41 | labels: 42 | - "traefik.enable=true" 43 | - "traefik.http.middlewares.redirect-to-https.redirectScheme.scheme=https" 44 | - "traefik.http.routers.solr.entrypoints=web" 45 | - "traefik.http.routers.solr.rule=Host(`solr.sitecore-https.local`)" 46 | - "traefik.http.routers.solr.middlewares=redirect-to-https" 47 | - "traefik.http.routers.solr-secure.entrypoints=websecure" 48 | - "traefik.http.routers.solr-secure.rule=Host(`solr.sitecore-https.local`)" 49 | - "traefik.http.routers.solr-secure.tls=true" 50 | 51 | cm: 52 | image: ${REGISTRY}sitecore-xm-cm:${SITECORE_VERSION}-windowsservercore-${WINDOWSSERVERCORE_VERSION} 53 | entrypoint: powershell.exe -Command "& C:\\tools\\entrypoints\\iis\\Development.ps1" 54 | environment: 55 | SITECORE_LICENSE: ${SITECORE_LICENSE} 56 | SITECORE_APPSETTINGS_ROLE:DEFINE: ContentManagement, Indexing 57 | SITECORE_CONNECTIONSTRINGS_CORE: Data Source=sql;Initial Catalog=Sitecore.Core;User ID=sa;Password=${SQL_SA_PASSWORD} 58 | SITECORE_CONNECTIONSTRINGS_SECURITY: Data Source=sql;Initial Catalog=Sitecore.Core;User ID=sa;Password=${SQL_SA_PASSWORD} 59 | SITECORE_CONNECTIONSTRINGS_MASTER: Data Source=sql;Initial Catalog=Sitecore.Master;User ID=sa;Password=${SQL_SA_PASSWORD} 60 | SITECORE_CONNECTIONSTRINGS_WEB: Data Source=sql;Initial Catalog=Sitecore.Web;User ID=sa;Password=${SQL_SA_PASSWORD} 61 | SITECORE_CONNECTIONSTRINGS_EXPERIENCEFORMS: Data Source=sql;Initial Catalog=Sitecore.ExperienceForms;User ID=sa;Password=${SQL_SA_PASSWORD} 62 | SITECORE_CONNECTIONSTRINGS_SOLR.SEARCH: http://solr:8983/solr 63 | SITECORE_APPSETTINGS_TELERIK.ASYNCUPLOAD.CONFIGURATIONENCRYPTIONKEY: ${TELERIK_ENCRYPTION_KEY} 64 | SITECORE_APPSETTINGS_TELERIK.UPLOAD.CONFIGURATIONHASHKEY: ${TELERIK_ENCRYPTION_KEY} 65 | SITECORE_APPSETTINGS_TELERIK.WEB.UI.DIALOGPARAMETERSENCRYPTIONKEY: ${TELERIK_ENCRYPTION_KEY} 66 | ENTRYPOINT_STDOUT_IIS_ACCESS_LOG_ENABLED: 'false' 67 | ENTRYPOINT_STDOUT_IIS_ERROR_LOG_ENABLED: 'false' 68 | ENTRYPOINT_STDOUT_SITECORE_LOG_ENABLED: 'true' 69 | depends_on: 70 | - sql 71 | - solr 72 | labels: 73 | - "traefik.enable=true" 74 | - "traefik.http.middlewares.redirect-to-https.redirectScheme.scheme=https" 75 | - "traefik.http.routers.cm.entrypoints=web" 76 | - "traefik.http.routers.cm.rule=Host(`cm.sitecore-https.local`)" 77 | - "traefik.http.routers.cm.middlewares=redirect-to-https" 78 | - "traefik.http.routers.cm-secure.entrypoints=websecure" 79 | - "traefik.http.routers.cm-secure.rule=Host(`cm.sitecore-https.local`)" 80 | - "traefik.http.routers.cm-secure.tls=true" 81 | --------------------------------------------------------------------------------