Weplex devops - Exposing a developer machine as a public virtual host container

  • Collaborators: Marcio

Date: 2025-07-30
Context: VPS/Docker-based host with containers, exposing a laptop dev server to a public domain securely.

Purpose

Allow a developer laptop running a local server (e.g., localhost:6006) to be exposed publicly as dev.mydomain.com, securely and only when needed.

Architecture Summary

[ Public Domain: dev.mydomain.com ]
           ↓
[ Apache Virtual Host (port 2280) ]
           ↓
[ Docker Container: service.web_1 ]
           ↓
http://service.devproxy.site:6911
           ↓
[ Docker Container: service.devproxy.site ]
           ↓
http://host.docker.internal:4001
           ↓
[ socat port forward: 4001 → localhost:4000 ]
           ↓
[ SSH tunnel: 4000 (VPS) → 6006 (Laptop) ]

Apache Virtual Host

<VirtualHost *:2280>
    ServerName dev.mydomain.com

    ProxyPreserveHost On
    ProxyPass / http://service.devproxy.site:6911/
    ProxyPassReverse / http://service.devproxy.site:6911/
</VirtualHost>

SSH Tunnel from Developer Laptop

ssh -N -R 4000:localhost:6006 youruser@yourserver.com

Enable Script (on Server)

#!/bin/bash
set -e
sudo ufw allow 4001/tcp
sudo pkill -f "socat TCP-LISTEN:4001" || true
nohup sudo socat TCP-LISTEN:4001,fork,reuseaddr TCP:localhost:4000 > "$HOME/socat_devproxy.log" 2>&1 &
sudo docker-compose -f ../../docker-compose.yml up -d --force-recreate service.devproxy.site

Disable Script (on Server)

#!/bin/bash
set -e
sudo pkill -f "socat TCP-LISTEN:4001" || true
sudo ufw delete allow 4001/tcp || true

Developer Flow

  1. Run dev server on laptop (localhost:6006)
  2. Create SSH reverse tunnel to VPS (4000 → 6006)
  3. On VPS, run enable-devtunnel.sh
  4. Access via https://dev.mydomain.com
  5. When done, run disable-devtunnel.sh

📦 NGINX Devproxy Docker Image

This NGINX container proxies requests to the developer's laptop through the forwarded port.

Dockerfile

FROM nginx:1.27-alpine

# Copy custom nginx config
COPY nginx.conf /etc/nginx/nginx.conf

EXPOSE 6911

CMD ["nginx", "-g", "daemon off;"]

nginx.conf

events { }

http {
    server {
        listen 6911;

        location / {
            proxy_pass http://host.docker.internal:4001;
            proxy_connect_timeout 1s;
            proxy_read_timeout 5s;
            proxy_next_upstream error timeout;
            error_page 502 504 = @offline;
        }

        location @offline {
            return 200 '{"status":"offline"}';
            add_header Content-Type application/json;
        }
    }
}
Get to know more about Weplex

© 2019–2025 Weplex Comunicação. Atendemos presencialmente em Ribeirão Preto, na Maurílio Biagi 800, Sala 1104 (SP) ou remotamente, profissionais liberais de todo Brasil e do mundo.

Meplex Comunicações, Weplex Comunicações, Weplex Communications e xBio são marcas registradas de Weplex Comunicações. Todo o conteúdo deste site está protegido por direitos autorais © 2019–2025 Weplex Comunicações. Todos os direitos reservados.

Feito com ❤ por Weplex