Please ensure Javascript is enabled for purposes of website accessibility
Powered by Zoomin Software. For more details please contactZoomin

CONNECT flows

Docker

  • Last UpdatedJun 26, 2026
  • 1 minute read

Set proxy variables on the container and use NO_PROXY to list hosts that must bypass the proxy (local databases, brokers, internal APIs, etc.).
To trust a corporate proxy CA, either:

  • mount a trusted CA bundle from the host into the container, or

  • bake the CA into a custom image

    services:

    edgeNode:

    container_name: crosser-edgeNode

    restart: always

    environment:

    # --- Flows credentials (required) ---

    - SecurityConfiguration__Credentials__NodeId=ENTER-YOUR-NODEID-HERE

    - SecurityConfiguration__Credentials__AccessKey=ENTER-YOUR-ACCESS-KEY-HERE

    # --- Proxy settings (OPTIONAL) ---

    # Use http://user:pass@proxy.example.com:3128 if authentication is required.

    - HTTP_PROXY=http://proxy.example.com:3128

    - HTTPS_PROXY=http://proxy.example.com:3128

    # Duplicate in lowercase for tools/libraries that only read one variant.

    - http_proxy=http://proxy.example.com:3128

    - https_proxy=http://proxy.example.com:3128

    # Hosts that should BYPASS the proxy (comma-separated):

    # include localhost, container service names, Docker host alias, and intranet domains.

    - NO_PROXY=localhost,127.0.0.1,::1,host.docker.internal,edgeNode,*.local,db,influxdb,mosquitto,my-internal-api.corp.local

    - no_proxy=localhost,127.0.0.1,::1,host.docker.internal,edgeNode,*.local,db,influxdb,mosquitto,my-internal-api.corp.local

    ports:

    - 9090:9090

    - 9191:9191

    - 1883:1883

    volumes:

    - "./data:/application/data"

    # Map the Ubuntu host's trusted CA bundle into the container (READ-ONLY).

    # Ensure your corporate/proxy root CA is installed on the host (see notes below).

    - "/etc/ssl/certs/ca-certificates.crt:/etc/ssl/certs/ca-certificates.crt:ro"

    # Alternative: map the whole directory if preferred (comment the single-file line above)

    # - "/etc/ssl/certs:/etc/ssl/certs:ro"

    # - "/etc/ssl/certs/ca-certificates.crt:/etc/ssl/cert.pem:ro"

    logging:

    driver: json-file

    options:

    max-size: "50m"

    max-file: "2"

Notes

Add your proxy CA to Ubuntu (host)

place proxy-root.crt in /usr/local/share/ca-certificates/ and run sudo update-ca-certificates. This updates /etc/ssl/certs/ca-certificates.crt, which the container mounts.

Local services in Compose

Add each service name you connect to (for example, db, mosquitto, influxdb) to NO_PROXY.

Docker host from Linux containers

if you call services on the Docker host, include host.docker.internal (on Linux you may need to add extra_hosts: - "host.docker.internal:host-gateway" and Docker 20.10+).

In This Topic
TitleResults for “How to create a CRG?”Also Available in