Installation
To install MapTiler Server as a Docker image, run docker pull maptiler/server:latest
. The basic sample of docker-compose
is available here.
Prepare docker-compose
Let's assume, we start blank on the computer in our path /Projects/server/
. We need files docker-compose.yml
, nginx.conf
, and generate-certificates.sh
.
# =============================== # docker-compose.yml version: "3.5" services: server: container_name: server image: maptiler/server:latest command: --adminPassword=${ADMIN_PASS:-"admin123"} restart: "always" volumes: - ./data/:/data/ - ./log/server/:/data/logs/ environment: MAPTILER_SERVER_LICENSE: ${MAPTILER_SERVER_LICENSE:-""} nginx: container_name: nginx image: nginx:1.25-alpine restart: "always" depends_on: - server - gen_certs ports: - "80:80" - "443:443" volumes: - ./nginx.conf:/etc/nginx/conf.d/server.conf:ro - ./certs:/etc/nginx/certs/:ro - ./log/nginx/:/var/log/nginx/ gen_certs: container_name: gen_certs image: maptiler/server:latest entrypoint: bash command: /tmp/generate-certificates.sh working_dir: /tmp/certs/ volumes: - ./generate-certificates.sh:/tmp/generate-certificates.sh:ro - ./certs:/tmp/certs/ restart: "no"
# =============================== # nginx.conf server { listen 443 ssl; server_name maps.company.com; access_log /var/log/nginx/maptiler_server_https_access.log; error_log /var/log/nginx/maptiler_server_https_error.log; ssl_certificate /etc/nginx/certs/maptiler-server.crt; ssl_certificate_key /etc/nginx/certs/maptiler-server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; location / { proxy_set_header Host $host; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto https; proxy_hide_header Access-Control-Allow-Origin; add_header 'Access-Control-Allow-Origin' 'maps.company.com'; proxy_pass http://server:3650; proxy_read_timeout 90; proxy_redirect http://server:3650 http://maps.company.com; # client_max_body_size 100M; client_max_body_size 3G; } }
# =============================== # generate-certificates.sh if [ ! -f maptiler-server.crt -o ! -f maptiler-server.key ]; then openssl rand -writerand .rnd openssl req -x509 -rand .rnd -nodes -newkey "rsa:2048" \ -days 365 \ -subj "/C=CZ/ST=Moravia/L=Brno/O=MapTiler/OU=Development/CN=maps.company.com" \ -keyout "maptiler-server.key" \ -out "maptiler-server.crt" rm -f .rnd fi exit 0
Start docker compose
With prepared sample data you can just start docker in the background (as a daemon):
$ docker compose up -d
Now open your browser with the server name: https://maps.company.com/
Configuration
You can create or replace the SSL certificates in the folder /Projects/server/certs/
with your own signed SSL certificates (files maptiler-server.crt
and maptiler-server.key
. If you want to redirect unsecure HTTP, just add new server
into nginx.conf
and restart docker containers.
# HTTP server server { listen 80;
server_name maps.company.com;
location / { return 302 https://maps.company.com/$request_uri; } }
You can adjust nginx configuration, set max-age for Security Transport: add_header Strict-Transport-Security max-age=15768000;
inside server block.
Comments
2 comments
Hi Martin,
This article is very clear and we have been able to implement a solution this way.
Now we are facing another issue. We want to deploy APIs/webservers on the same machine, all of it using https/443. To achieve this I extend the nginx file with locations like "/apiv1" and "/apiv2" but also I need the base location "/" to be free for other things.
How can I add a prefix to the url/path that the tile server uses? The tile server will happily take "https://machine_name" over but I need a little more than this, something like "https://machine_name/maps". Is there a way to achieve this via configuration of the tile server itself?
Cheers.
Hello Vitor,
Thank you for leaving a comment in the documentation portal!
You are right, it is currently not easy to configure the source folder for the maps.
Frankly speaking, MapTiler Server is not able to work with the path "https://machine_name/maps".
I am going to push your insight to the product team to consider and put it on the product roadmap.
In the meantime, could you please use a separate subdomain like: maps.domain.tld/ ?
Jiri
Please sign in to leave a comment.