NathanVaughn
commented
8 months ago There's a lot of options. What I would recommend is to run the container, and not expose the port to the public internet. Then, I would run a reverse proxy of some kind on the same server, and let this handle incoming connections. Your reverse proxy should handle adding encryption and renewing certificates with something like Let's Encrypt. Your reverse proxy would be what actually is listening on port 443 on the public interface of your server.
Diagram:
I personally like to use Traefik as it integrates nicely with Docker and automatically manages Let's Encrypt certificates.
As for the BASE_URL environment variable, this is used to let Webtrees know how to build links. In the example above, it may think it's accessible at http://localhost:8080, but it reality its links should be pointing at https://webtrees.example.com .
Fransie-dev
Hi!
I'm quite inexperienced working with DNS, and I am trying to figure out what is the correct way to host this container on a registered domain? I'm assuming I can host the container on a remote server and route the domain name to the IP of the remote server. I'm running into some issues with this approach, and I just wanted to check if I'm missing something? Also, what is the point of the base url env variable then?