From the Terminal

Port forwarding a database through a VPN with Docker and Nginx

September 13, 2023 by Henry
nginx docker containers openvpn vpn mysql mariadb postgresql port forwarding networking

This goes into your docker-compose.yml

version: '3.9'

services:  
  openvpn-client:
    image: ghcr.io/wfg/openvpn-client
    container_name: openvpn-client
    cap_add:
      - NET_ADMIN
    devices:
      - /dev/net/tun
    volumes:
      - ./.docker/openvpn:/config # place config.ovpn file into this folder
    #network_mode: container:openvpn-client
    #restart: unless-stopped
    environment:
      - CONFIG_FILE=config.ovpn
      - ALLOWED_SUBNETS=192.168.0.0/24,192.168.1.0/24
    #  - AUTH_SECRET=credentials.txt
    networks:
      front-tier:
        ipv4_address: 172.25.0.7
  proxy:
    image: nginx:1.25.1
    container_name: db-proxy
    network_mode: container:openvpn-client
    volumes:
    - ./.docker/proxy/nginx/:/etc/nginx/
    - ./.docker/proxy/logs/:/var/log/nginx/
    depends_on:
      - openvpn-client

networks:
  front-tier:
    ipam:
      driver: default
      config:
        - subnet: "172.25.0.0/24"

Make sure to create the folders .docker/proxy/nginx/ and .docker/proxy/logs/.

Place this into .docker/proxy/nginx/nginx.conf

user  nginx;
worker_processes  auto;

error_log  /var/log/nginx/error.log notice;
pid        /var/run/nginx.pid;

events {
    worker_connections  1024;
}

http {
    # This is where all http server configs go.
}

stream {
    server {
      listen 5432;
    
      proxy_connect_timeout 60s;
      proxy_socket_keepalive on;
      proxy_pass 10.0.3.11:5432;
    }
}

Just make sure to set proxy_pass to the destination.

After running docker-compose up you'll be good to go.