美文网首页
阿里云docker部署nginx并且配置ssl

阿里云docker部署nginx并且配置ssl

作者: 海染蓝了天 | 来源:发表于2023-02-09 13:26 被阅读0次

1、本地创建nginx挂载路径

mkdir /usr/local/docker/nginx/conf
mkdir /usr/local/docker/nginx/conf/conf.d
mkdir /usr/local/docker/nginx/html
mkdir /usr/local/docker/nginx/conf

2、简单启动一个nginx服务(仅用来复制配置文件,复制完即删除此容器)

docker run --name nginx_test -d -p 80:80 nginx

3、复制nginx配置文件到宿主机

docker cp my_nginx :/etc/nginx/conf.d /usr/local/docker/nginx/conf/conf.d/
docker cp my_nginx :/etc/nginx/nginx.conf  usr/local/docker/nginx/conf/
docker cp my_nginx :/usr/share/nginx/html/ /usr/local/docker/nginx/html/

进去容器创建一个ssl文件夹用于存放ssl证书
#进入 前面的 my_nginx 容器   
docker exec -it my_nginx /bin/bash
cd etc/nginx
touch ssl  #创建文件夹
docker cp my_nginx:/etc/nginx/ssl  /usr/local/docker/nginx/ssl

4、移除容器

docker rm -f my_nginx 

5、挂载nginx.conf到宿主机

这里一定要在容器里面开启443端口 阿里云也要开放443端口

docker run --name my_nginx -p 80:80 -p 443:443  -v /usr/local/docker/nginx/conf/conf.d/default.conf:/etc/nginx/conf.d/default.conf -v /usr/local/docker/nginx/conf/nginx.conf:/etc/nginx/nginx.conf -v /usr/local/docker/nginx/html/:/usr/share/nginx/html/ -v /usr/local/docker/nginx/logs/:/var/log/nginx/ -v /usr/local/docker/nginx/ssl:/etc/nginx/ssl  --privileged=true -d --restart=always nginx
##这里一定要在容器里面开启443端口  阿里云也要开放443端口

6、nginx.conf配置文件

#user  nobody;
worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;

events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;
  
    server {
        listen       80;
        server_name  xianzhuhz.com;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;
        keepalive_timeout  100;  #这个参数表示http连接超时时间,默认是65s
        client_max_body_size 100m;         #主要是这个参数,限制了上传文件大大小
        rewrite ^(.*)$ https://$host$1; #将所有HTTP请求通过rewrite指令重定向到HTTPS。
         location /static { 
         root   /usr/share/nginx/html;
         index  index.html index.htm;
         }
         location / {
             proxy_pass  http://47.92.0.42:8085/hello;
                
         }
        
        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #    root           html;
        #    fastcgi_pass   127.0.0.1:9000;
        #    fastcgi_index  index.php;
        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        #    include        fastcgi_params;
        #}

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
    }

    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen       8000;
    #    listen       somename:8080;
    #    server_name  somename  alias  another.alias;
    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}

    # HTTPS server
    #
   server {
       listen       443 ssl;
       server_name  xianzhuhz.com;
        keepalive_timeout  100;  #这个参数表示http连接超时时间,默认是65s
        client_max_body_size 100m;         #主要是这个参数,限制了上传文件大大小
         ssl_certificate      /etc/nginx/ssl/www.xianzhuhz.com.pem;
         ssl_certificate_key  /etc/nginx/ssl/www.xianzhuhz.com.key;
        
         ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
         ssl_session_cache    shared:SSL:1m;
         ssl_session_timeout  5m;
         ssl_protocols TLSv1.1 TLSv1.2; 
         ssl_prefer_server_ciphers on;
         location /static { 
         root   /usr/share/nginx/html;
         index  index.html index.htm;
         }
         location / {
             proxy_pass  http://47.92.0.42:8085/hello;
                
         }      
    }
}

对应上面的地址

 location /static { 
         root   /usr/share/nginx/html;
         index  index.html index.htm;
         }
image.png image.png image.png
image.png

相关文章

网友评论

      本文标题:阿里云docker部署nginx并且配置ssl

      本文链接:https://www.haomeiwen.com/subject/mfnckdtx.html