Reverse Proxy Container Approaches for Oracle Autonomous DB + Cloudflare

Matt MulvaneyMatt Mulvaney
3 min read

Table of contents

This blog differs from other methods in these regards:

  • Use of Docker instead of Non-containerized deployment

  • Use of Cloudflare 15 year Certificates instead of Let’s Encrypt 3 monthlies

  • This is the only guide, I believe, that includes steps for Nginx Proxy Manager

If you want to use native & Let’s Encrypt, then I suggest you follow this guide.

If you are not using Autonomous DB & using something self-hosted or “other cloud”, then the configuration in this guide may suit you better.

These are the methods described in this blog

  • Nginx Proxy Manager

  • Nginx

  • Cloudflare Worker - nearly there/coming soon

I find Nginx Proxy Manager the best especially if you already have a NPM setup.

The Nginx configuration files used in this blog are wildly documented on the web for Oracle APEX - thanks Timo. I do not take credit for their creation. This blog is about the installation and appliance of those configurations on Docker containers.

I also use Cloudflare 15 year Origin Certificates rather than the Let’s Encrypt 3 monthlies.

All approaches contain 2 commented lines in the configuration. Un-comment these and customize them if you want your URL to go to a specific application.

If you un-comment these, actually it makes sense to do it (rather than navigating to the ORDS landing page), you can always get to page designer using http://your-custom-domain/ords/apex

Nginx Proxy Manager

First, follow this guide to create an Nginx Proxy Manager on Oracle Cloud. Ensure you follow all steps including opening the ports on Oracle Cloud.

Create a Proxy Host with these details

In Advanced, paste in the below changing your-adb-url on two occasions.

    location /ords/ {
        proxy_pass https://your-adb-url/ords/;
        proxy_set_header Origin "" ;
        proxy_set_header X-Forwarded-Host $host:$server_port;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Proto $scheme;

        # Navigate direct to an Application
        # proxy_redirect https://your-adb-url/ords/_/landing https://example.com/ords/r/your-wksp/your-app-alias;
        # proxy_redirect https://your-adb-url/ https://example.com/;

    }

    location /i/ {
        proxy_pass https://your-adb-url/i/;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

Click Save

ENJOY!

Nginx

First, Create a Compute Instance on Oracle Cloud.

Then, open ports 80 & 443 following this guide

Then, install docker-ce edition on Oracle Compute.

Now, install Nginx

docker run --name mynginx -p 80:80 -p 443:443 -d nginx

Fetch your IP (unless you it know it already)

curl ipconfig.io

Try the IP in your browser

Now we enter bash

docker exec -it mynginx /bin/bash

Update apt repositories

apt update

Install nano

apt install nano -y

Create an ssl folder to hold the Cloudflare Certificates.

 mkdir /etc/nginx/ssl/

Paste in the Origin Certificate from the Get a (Sub) Domain an Certificate steps & Ctrl+X to save and exit.

nano /etc/nginx/ssl/cert.pem

Paste in the Private Key from the Get a (Sub) Domain an Certificate steps & Ctrl+X to save and exit.

nano /etc/nginx/ssl/key.pem

Create an Nginx configuration file using your domain name in the filename

nano /etc/nginx/conf.d/example.com.conf

paste in the configuration below changing example.com to your sub/domain several times and changing the your text several times.

server {
    listen 443 ssl;
    server_name example.com;

    ssl_certificate /etc/nginx/ssl/cert.pem;
    ssl_certificate_key /etc/nginx/ssl/key.pem;

    location /ords/ {
        proxy_pass https://your-adb-url/ords/;
        proxy_set_header Origin "" ;
        proxy_set_header X-Forwarded-Host $host:$server_port;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Proto $scheme;

        # Navigate direct to an Application
        # proxy_redirect https://your-adb-url/ords/_/landing https://example.com/ords/r/your-wksp/your-app-alias;
        # proxy_redirect https://your-adb-url/ https://example.com/;

    }

    location /i/ {
        proxy_pass https://your-adb-url/i/;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

server {
    listen 80;
    server_name 0code.io;
    return 301 https://$host$request_uri;
}

exit a few times

exit

Restart Nginx container

docker restart mynginx

Cloudflare Worker

Nearly there/coming soon

ENJOY!

What’s the picture? It’s the shop on the Platform of Knaresborough Train Station. Visit Yorkshire

4
Subscribe to my newsletter

Read articles from Matt Mulvaney directly inside your inbox. Subscribe to the newsletter, and don't miss out.

OCIOraclenginxnginx proxy manageradb#oracle-apexorclapex

Written by

Matt Mulvaney
Matt Mulvaney

With around 20 years on the job, Matt is one of the most experienced software developers at Pretius. He likes meeting new people, traveling to conferences, and working on different projects. He’s also a big sports fan (regularly watches Leeds United, Formula 1, and boxing), and not just as a spectator – he often starts his days on a mountain bike, to tune his mind.