From 55e59d9ade2615f7ac8154873acc4030c6f8c0e0 Mon Sep 17 00:00:00 2001
From: mjbnz <mike@ethernal.org>
Date: Thu, 14 Feb 2019 10:51:57 +1300
Subject: [PATCH] Updated Nginx Reverse Proxy for homelab services using SSO
 (markdown)

---
 ...Reverse-Proxy-for-homelab-services-using-SSO.md | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/Nginx-Reverse-Proxy-for-homelab-services-using-SSO.md b/Nginx-Reverse-Proxy-for-homelab-services-using-SSO.md
index 8c66856..35ddbba 100644
--- a/Nginx-Reverse-Proxy-for-homelab-services-using-SSO.md
+++ b/Nginx-Reverse-Proxy-for-homelab-services-using-SSO.md
@@ -14,25 +14,27 @@ First, create the following docker containers (feel free to adjust local volume
 
 ```sh
 mkdir -p /srv/nginx-rproxy/{conf/include,certs,log}
-docker run -d nginx:latest                                   \
+docker run                                                   \
     --name=nginx-rproxy                                      \
     -p 443:443                                               \
     -p 80:80                                                 \
     --restart=unless-stopped                                 \
     --volume="/srv/nginx-rproxy/conf:/etc/nginx/conf.d:ro"   \
     --volume="/srv/nginx-rproxy/certs:/etc/nginx/certs:ro"   \
-    --volume="/srv/nginx-rproxy/log:/var/log/nginx"
+    --volume="/srv/nginx-rproxy/log:/var/log/nginx"          \
+    -d nginx:latest
 ```
 
 ##### nginx-sso
 
 ```sh
 mkdir -p /srv/nginx-sso
-docker run -d luzifer/nginx-sso:latest \
+docker run                             \
     --name=nginx-sso                   \
-    -p 8082:8082                       \
+    -p 172.17.0.1:8082:8082            \
     --restart=unless-stopped           \
-    --volume="/srv/nginx-sso:/data"
+    --volume="/srv/nginx-sso:/data"    \
+    -d luzifer/nginx-sso:latest
 ```
 
 ### nginx-sso Configuration
@@ -285,6 +287,8 @@ If you would like to logout of the SSO session (to use another username for exam
 
 The SSO login page html is in `/srv/nginx-sso/frontend/index.html` if you wanted to adjust it, skin it, theme it, etc etc.
 
+The IP `172.17.0.1` mentioned throughout is that of your `docker0` interface. If yours is different, adjust accordingly.
+
 There's good information on the [nginx-sso GitHub wiki](https://github.com/Luzifer/nginx-sso/wiki) for configuration of nginx-sso. You probably saw while editing the config file that there's fairly decent support for other authentication providers, and even 2FA.... You should use 2FA.
 
 The default nginx-sso config above is very generous with the access acls (which are very powerful - see the nginx-sso wiki linked above). You can basically access anything you've configured once you're logged in. You can be very granular about what services a given username or group can log into.