docker安装nginx

安装nginx服务

拉取nginx镜像

docker pull elisiano/nginx-modsecurity

创建用于挂载的目录

#用于挂载redis数据文件
sudo mkdir -p /server/data/docker/nginx/logs
#用于挂载redis配置文件
sudo mkdir -p /server/data/docker/nginx/conf
sudo mkdir -p /server/data/docker/nginx/conf/domains

编辑配置文件

nginx.conf文件

vi /server/data/docker/nginx/conf/nginx.conf

配置如下

user  nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;
    client_max_body_size 100m;
    keepalive_timeout  65;

    #gzip  on;

#    include /etc/nginx/conf.d/*.conf;
#    include domains/*.conf;
     include domains/*.conf;

}

myServer.conf

vi /server/data/docker/nginx/conf/domains/myServer.conf

server {
        listen       18081;
        server_name  myServer;

        location / {
            root  /home/app/nginx/myServer/;
            index  index.html index.htm;
        }
        location /api/ {
            proxy_pass http://127.0.0.1:8080/;
        }
   }

启动

$ docker run --name nginx --net host --restart=always --privileged=true -v \
/home/app/nginx:/home/app/nginx -v \
/server/data/docker/nginx/conf/nginx.conf:/etc/nginx/nginx.conf -v \
/server/data/docker/nginx/conf/domains:/etc/nginx/domains -v \
/server/data/docker/nginx/logs:/var/log/nginx  -d elisiano/nginx-modsecurity

ssl证书启动

docker run --name nginx --net host --restart=always --privileged=true -v \
/home/app/nginx:/home/app/nginx -v \
/server/data/docker/nginx/conf/nginx.conf:/etc/nginx/nginx.conf -v \
/server/data/docker/nginx/conf/domains:/etc/nginx/domains -v \
/server/data/docker/nginx/logs:/var/log/nginx -v \
/server/data/docker/nginx/ssl:/etc/nginx/ssl -d elisiano/nginx-modsecurity

ssl启动conf配置如下

myServer.conf

server {
        listen      443 ssl;
        server_name  test.com;

        ssl on;
	#自己的ssl证书位置 写的是docker内容器位置,不是宿主机的位置
        ssl_certificate /etc/nginx/ssl/test.com_nginx/test.com.pem;
        ssl_certificate_key /etc/nginx/ssl/test.com_nginx/test.com.key;
        ssl_session_timeout 5m;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #按照这个协议配置
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;#按照这个套件配置
        ssl_prefer_server_ciphers on;
	#部署的前端工程
        location / {
           root  /home/app/nginx/test/;
           try_files $uri $uri/ @router;
           index  index.html index.htm;
           modsecurity_rules '
            SecRuleEngine On
            SecDebugLog /tmp/modsec_debug.log
            SecDebugLogLevel 9
            SecRule ARGS "@contains test" "id:1,phase:2,t:trim,block"
           ';
        }
	#代理请求
        location /stage-api/
      {
         add_header 'Access-Control-Allow-Origin' '*';
         proxy_pass   http://127.0.0.1:8080/;
         proxy_connect_timeout   3000;
         proxy_send_timeout      3000;
         proxy_read_timeout      3000;
      }
       location @router {
           rewrite ^.*$ /index.html last;
        }

        location /nxyz/ {
           proxy_pass http://127.0.0.1:9090/nxyz/;
        }

        #资源下载
        location ~*\.(zip|rar|xlsx|xls|apk) {
           root /home/app/nginx/test/;
        }
}
# http 80访问 代理转发为https 请求
server {
    listen 80;
    server_name test.com;
    rewrite ^(.*)$ https://${server_name}$1 permanent;
}
posted @   一世倾城很温柔  阅读(76)  评论(0编辑  收藏  举报
(评论功能已被禁用)
相关博文:
· docker安装redis
· docker安装使用
· Docker部署Nginx
· Linux docker 安装nginx 配置ssl证书
· docker安装nginx,配置SSL
阅读排行:
· Manus爆火,是硬核还是营销?
· 终于写完轮子一部分:tcp代理 了,记录一下
· 震惊!C++程序真的从main开始吗?99%的程序员都答错了
· 别再用vector<bool>了!Google高级工程师:这可能是STL最大的设计失误
· 单元测试从入门到精通

阅读目录(Content)

此页目录为空

点击右上角即可分享
微信分享提示