This repository was archived by the owner on Sep 9, 2025. It is now read-only.

Correct Way to Configure SSL for MedCatTrainer #96

@jamboNum5

I'm fairly new to Docker, but I was hoping to ask someone who might know a little more whether this is the best way of running MedCATtrainer using SSL.

After making amendments to nginx/sites-enabled/medcattrainer, I was expecting the changes to flow through when I started up the container. I logged into the container and checked over the nginx conf for medcat, and my changes hadn't come through. I don't know if there is a docker command to rebuild and get this file in situ.

However, I could only get SSL working after I manually mapped the nginx config through to the container using the settings below:

Any advice on the correct/advised way would be great.

  • Is this the optimal way of configuring SSL?
  • Should docker actually be updating the nginx.conf file given it is in the medcat file directory?
  • Have I missed a step somewhere?

Amended docker-compose.yml:

  nginx:
    container_name: medcattrainer_nginx
    image: cogstacksystems/medcat-trainer-nginx:v2.3.7
    restart: always
    volumes:
      - api-media:/home/api/media
      - api-static:/home/api/static
      # Mapped SSL certs to location in container
      - /etc/pki/tls/cert.pem:/etc/ssl/private/cert.pem
      - /etc/pki/tls/private.key:/etc/ssl/private/private.key
      # SSL config would only work if I manually mapped the nginx.conf file from medCat to the container
      - /home/locuser/MedCATtrainer/nginx/sites-enabled/medcattrainer:/etc/nginx/sites-enabled/medcattrainer
    expose:
      - 443
      - 8000
    ports:
      - "${MCTRAINER_PORT:-8001}:8000"
      - 443:8000

Amended Nginx medcattrainer conf:

server {
    # added SSL 
    listen 8000 ssl;
    server_name somewhere.com localhost;
    ... # other config in between

    # Basic SSL Conf
    ssl_certificate /etc/ssl/private/cert.pem; 
    ssl_certificate_key /etc/ssl/private/private.key;
    ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
    ssl_prefer_server_ciphers on;
    ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
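
An audit of the TLS directives in the server block above, as an added example that is not part of the original post or the MedCATtrainer project. It flags `ssl_protocols` values deprecated by RFC 8996 and `ssl_ciphers` terms that enable weak algorithms such as 3DES; the function names, the keyword lists and the tightened sample config are assumptions made for illustration.

```python
import re

# Constructed sample: the TLS directives quoted in the post above.
POSTED_CONF = """
server {
    listen 8000 ssl;
    ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
    ssl_prefer_server_ciphers on;
    ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
}
"""
# Constructed sample: a tightened variant (assumes OpenSSL with TLS 1.3 support).
TIGHTENED_CONF = """
server {
    listen 8000 ssl;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers ECDH+AESGCM:ECDH+CHACHA20;
}
"""

DEPRECATED_PROTOCOLS = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}  # TLS 1.0/1.1: RFC 8996
WEAK_CIPHER_KEYWORDS = {"3DES", "DES", "RC4", "MD5", "NULL", "EXPORT", "ADH", "AECDH"}

def directives(conf):
    """Yield (name, args) for each simple directive; comments are dropped."""
    conf = re.sub(r"#[^\n]*", "", conf)
    for stmt in re.split(r"[;{}]", conf):
        parts = stmt.split()
        if parts:
            yield parts[0], parts[1:]

def audit_tls(conf):
    """Return a list of findings for ssl_protocols and ssl_ciphers."""
    findings = []
    for name, args in directives(conf):
        if name == "ssl_protocols":
            findings += [f"ssl_protocols enables deprecated {p}"
                         for p in args if p in DEPRECATED_PROTOCOLS]
        elif name == "ssl_ciphers":
            for term in "".join(args).split(":"):
                if term.startswith(("!", "-")):  # exclusions and removals
                    continue
                for kw in sorted(WEAK_CIPHER_KEYWORDS & set(term.lstrip("+").split("+"))):
                    findings.append(f"ssl_ciphers term {term} enables {kw}")
    return findings

if __name__ == "__main__":
    for label, conf in (("posted", POSTED_CONF), ("tightened", TIGHTENED_CONF)):
        print(label, audit_tls(conf) or "no findings")
```

The parser handles only simple `name args;` directives and does not expand `include` files or quoted strings containing `#`.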
