Reverse Proxy Configuration

This page offers a sample configuration for running Cawemo with an automated NGINX reverse proxy for Docker with SSL support. To do so, please follow the following steps:

1. Download docker-compose.reverse-proxy.yml

Download this docker-compose.reverse-proxy.yml file to the same location you put the docker-compose.yml from step 2 of the on-premise installation.

2. Extend the .env File

Add these values to the .env file you created in step 3 of the on-premise installation and adjust the values according to your own setup.

3. Create a Folder For Your Certificates

You have to provide SSL certificates for the host names used in SERVER_HOST, BROWSER_WEBSOCKET_HOST and IAM_SERVER_HOST via the path configured in SERVER_TLS_CERTIFICATES_PATH. The certificates and their corresponding private keys must be provided in the PEM file format. They should be named after a certain scheme:

  • Individual certificates should be named after the host name with a .crt and .key extension. For example, a value of should have a and file in the certificate directory.
  • Wildcard certificates should be named after the domain name with a .crt and .key extension. For example, a value of needs and files in the certificate directory.

Beware that self-signed certificates won’t work. For more detailed information on the reverse proxy’s SSL configuration options see the official documentation.

4. Run Cawemo

Use the following command for running Cawemo with the provided reverse proxy:

docker-compose -f docker-compose.yml -f docker-compose.reverse-proxy.yml up -d

Point your web browser to the URL you defined above as SERVER_URL to verify that the application is running.

On this Page: