• Docker搭建nginx

    Docker搭建nginx

    青杉 815 2021-11-17

    Docker搭建nginx

    • 拉取鏡像
    docker pull nginx

    • 文件目錄

      • 啟動基礎容器用于資源拷貝
      docker run -d --name=nginx01 nginx
      • 創建本地目錄,用于存放Nginx的相關文件信息.
      # mkdir -p ~/nginx/logs ~/nginx/conf  ~/nginx/conf/conf.d ~/nginx/www
      • www: 目錄將映射為 nginx 容器配置的虛擬目錄。
      • logs: 目錄將映射為 nginx 容器的日志目錄。
      • conf: 目錄里的配置文件將映射為 nginx 容器的配置文件。
      日志文件位置:/var/log/nginx
配置文件位置: /etc/nginx
資源存放的位置: /usr/share/nginx/html
      • 拷貝配置文件
      	docker cp [容器id]:/etc/nginx ./conf

      ?```
cd ~/nginx/conf
#nginx.conf文件復制到conf目錄下
docker cp nginx01:/etc/nginx/nginx.conf nginx.conf
#把容器中的default.conf文件復制到conf目錄下
docker cp nginx01:/etc/nginx/conf.d/default.conf ~/nginx/conf/conf.d  
#刪除鏡像
docker rm -f nginx01 
	?```

    • 部署命令

      docker run --rm -d -p 80:80 --name proxy_nginx \
  -v ~/nginx/www:/usr/share/nginx/html \
  -v ~/nginx/conf/nginx.conf:/etc/nginx/nginx.conf \
  -v ~/nginx/logs:/var/log/nginx \
  nginx

    • 修改default.conf文件

      server {
        listen       80;         #監聽的端口
        server_name  www.一級域名.com;    #監聽的URL
        location / {
           proxy_redirect off;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_pass http://127.0.0.1:6666;#這里寫需要轉發的地址
        }
    }
    server {
        listen       80;         #監聽的端口
        server_name  web.一級域名.com;    #監聽的URL
        location / {
           proxy_redirect off;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_pass http://127.0.0.1:8082;#這里寫需要轉發的地址
        }
    }
server {
        listen       80;         #監聽的端口
        server_name  api.一級域名.com;    #監聽的URL
        location / {
           proxy_redirect off;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_pass http://127.0.0.1:9999;#這里寫需要轉發的地址
        }
    }

    https

    運行nginx代理

    docker run --detach \
    --restart always \
    --name proxy_nginx \
    -p 443:443\
    -p 80:80 \
    -v /root/nginx/data:/usr/share/nginx/html:rw\
    -v /root/nginx/conf/nginx.conf:/etc/nginx/nginx.conf/:rw\
    -v /root/nginx/conf/conf.d/default.conf:/etc/nginx/conf.d/default.conf:rw\
    -v /root/nginx/logs:/var/log/nginx/:rw\
    -v /root/nginx/ssl:/ssl/:rw\
    -d nginx

    修改default.conf文件

    server {
        listen       80;         #監聽的端口
        listen  443 ssl;
        server_name  www.defult.com;    #監聽的URL

        # 增加ssl
    #ssl on;        #如果強制HTTPs訪問,這行要打開
    ssl_certificate /ssl/www.defult.com.pem;
    ssl_certificate_key /ssl/www.defult.com.key;

    ssl_session_cache    shared:SSL:1m;
    ssl_session_timeout  5m;

     # 指定密碼為openssl支持的格式
     ssl_protocols  SSLv2 SSLv3 TLSv1.2;

     ssl_ciphers  HIGH:!aNULL:!MD5;  # 密碼加密方式
     ssl_prefer_server_ciphers  on;   # 依賴SSLv3和TLSv1協議的服務器密碼將優先于客戶端密碼

        location / {
           proxy_redirect off;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_pass http://127.0.0.1:8090;#這里寫需要轉發的地址
        }
    }

    強制https

    
server {
		listen 80;
		server_name www.defult.com;
		rewrite ^(.*)$ https://${server_name}$1 permanent; 
	}
	
	server {
        listen  443 ssl;
        server_name  www.defult.com;    #監聽的URL

        # 增加ssl
    #ssl on;        #如果強制HTTPs訪問,這行要打開
    ssl_certificate /ssl/www.defult.com.pem;
    ssl_certificate_key /ssl/www.defult.com.key;

    ssl_session_cache    shared:SSL:1m;
    ssl_session_timeout  5m;

     # 指定密碼為openssl支持的格式
     ssl_protocols  SSLv2 SSLv3 TLSv1.2;

     ssl_ciphers  HIGH:!aNULL:!MD5;  # 密碼加密方式
     ssl_prefer_server_ciphers  on;   # 依賴SSLv3和TLSv1協議的服務器密碼將優先于客戶端密碼

        location / {
           proxy_redirect off;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_pass http://127.0.0.1:8090;#這里寫需要轉發的地址
        }
    }

    国产一级A级高清毛片