Reverse Proxy Container Approaches for Oracle Autonomous DB + Cloudflare

Reverse Proxy Container Approaches for Oracle Autonomous DB + Cloudflare

Matt Mulvaney's photo
Matt Mulvaney
·

3 min read

Table of contents

This blog differs from other methods in these regards:

  • Use of Docker instead of Non-containerized deployment

  • Use of Cloudflare 15 year Certificates instead of Let’s Encrypt 3 monthlies

  • This is the only guide, I believe, that includes steps for Nginx Proxy Manager

If you want to use native & Let’s Encrypt, then I suggest you follow this guide.

If you are not using Autonomous DB & using something self-hosted or “other cloud”, then the configuration in this guide may suit you better.

These are the methods described in this blog

  • Nginx Proxy Manager

  • Nginx

  • Cloudflare Worker - nearly there/coming soon

I find Nginx Proxy Manager the best especially if you already have a NPM setup.

The Nginx configuration files used in this blog are wildly documented on the web for Oracle APEX - thanks Timo. I do not take credit for their creation. This blog is about the installation and appliance of those configurations on Docker containers.

I also use Cloudflare 15 year Origin Certificates rather than the Let’s Encrypt 3 monthlies.

All approaches contain 2 commented lines in the configuration. Un-comment these and customize them if you want your URL to go to a specific application.

If you un-comment these, actually it makes sense to do it (rather than navigating to the ORDS landing page), you can always get to page designer using http://your-custom-domain/ords/apex

Nginx Proxy Manager

First, follow this guide to create an Nginx Proxy Manager on Oracle Cloud. Ensure you follow all steps including opening the ports on Oracle Cloud.

Create a Proxy Host with these details

In Advanced, paste in the below changing your-adb-url on two occasions.

    location /ords/ {
        proxy_pass https://your-adb-url/ords/;
        proxy_set_header Origin "" ;
        proxy_set_header X-Forwarded-Host $host:$server_port;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Proto $scheme;

        # Navigate direct to an Application
        # proxy_redirect https://your-adb-url/ords/_/landing https://example.com/ords/r/your-wksp/your-app-alias;
        # proxy_redirect https://your-adb-url/ https://example.com/;

    }

    location /i/ {
        proxy_pass https://your-adb-url/i/;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

Click Save

ENJOY!

Nginx

First, Create a Compute Instance on Oracle Cloud.

Then, open ports 80 & 443 following this guide

Then, install docker-ce edition on Oracle Compute.

Now, install Nginx

docker run --name mynginx -p 80:80 -p 443:443 -d nginx

Fetch your IP (unless you it know it already)

curl ipconfig.io

Try the IP in your browser

Now we enter bash

docker exec -it mynginx /bin/bash

Update apt repositories

apt update

Install nano

apt install nano -y

Create an ssl folder to hold the Cloudflare Certificates.

 mkdir /etc/nginx/ssl/

Paste in the Origin Certificate from the Get a (Sub) Domain an Certificate steps & Ctrl+X to save and exit.

nano /etc/nginx/ssl/cert.pem

Paste in the Private Key from the Get a (Sub) Domain an Certificate steps & Ctrl+X to save and exit.

nano /etc/nginx/ssl/key.pem

Create an Nginx configuration file using your domain name in the filename

nano /etc/nginx/conf.d/example.com.conf

paste in the configuration below changing example.com to your sub/domain several times and changing the your text several times.

server {
    listen 443 ssl;
    server_name example.com;

    ssl_certificate /etc/nginx/ssl/cert.pem;
    ssl_certificate_key /etc/nginx/ssl/key.pem;

    location /ords/ {
        proxy_pass https://your-adb-url/ords/;
        proxy_set_header Origin "" ;
        proxy_set_header X-Forwarded-Host $host:$server_port;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Proto $scheme;

        # Navigate direct to an Application
        # proxy_redirect https://your-adb-url/ords/_/landing https://example.com/ords/r/your-wksp/your-app-alias;
        # proxy_redirect https://your-adb-url/ https://example.com/;

    }

    location /i/ {
        proxy_pass https://your-adb-url/i/;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

server {
    listen 80;
    server_name 0code.io;
    return 301 https://$host$request_uri;
}

exit a few times

exit

Restart Nginx container

docker restart mynginx

Cloudflare Worker

Nearly there/coming soon

ENJOY!

What’s the picture? It’s the shop on the Platform of Knaresborough Train Station. Visit Yorkshire

OCIOraclenginxnginx proxy manageradb#oracle-apexorclapex