Docker 编译安装Nginx正向代理

先记录一波正向代理

 .
├── Dockerfile
├── Dockerfile.bak
├── nginx-1.24.0.tar.gz
├── nginx.conf
├── openssl-3.3.0.tar.gz
├── pcre2-10.43.tar.bz2
├── pcre-8.45.tar.bz2
├── v0.0.6.zip
└── zlib-1.3.1.tar.gz

Dockerfile:

 # make base image.
FROM debian:bookworm-20240423-slim AS base
LABEL maintainer="RocSun <oldsixa@163.com>"
 
RUN rm -rf /etc/apt/sources.list.d/* \
    && echo " " > /etc/apt/sources.list \
    && echo "deb http://mirrors.tuna.tsinghua.edu.cn/debian/ bookworm main contrib non-free non-free-firmware" >> /etc/apt/sources.list  \ 
    && echo "deb http://mirrors.tuna.tsinghua.edu.cn/debian/ bookworm-updates main contrib non-free non-free-firmware" >> /etc/apt/sources.list \
    && echo "deb http://mirrors.tuna.tsinghua.edu.cn/debian/ bookworm-backports main contrib non-free non-free-firmware" >> /etc/apt/sources.list \
    && apt clean
 
FROM base AS pb
RUN apt update \
    && apt install -y --allow-downgrades libc6=2.36-9+deb12u4 libc-dev-bin=2.36-9+deb12u4 \
    && apt install -y build-essential zlib1g-dev libpcre3-dev libssl-dev unzip bzip2 automake pkg-config
 
# build source.
FROM pb AS build
 
ADD ./* /
 
RUN mkdir /nginx \
    && unzip -d /nginx/ /v0.0.6.zip \
    && mv /openssl-3.3.0 /nginx/ \
    && mv /pcre2-10.43 /nginx/ \
    && mv /zlib-1.3.1 /nginx/ 
 
RUN cd /nginx-1.24.0 \
    && patch -p1 < /nginx/ngx_http_proxy_connect_module-0.0.6/patch/proxy_connect_rewrite_102101.patch \
    && ./configure --prefix=/nginx --add-module=/nginx/ngx_http_proxy_connect_module-0.0.6 \
        --with-pcre=/nginx/pcre2-10.43 \
        --with-zlib=/nginx/zlib-1.3.1 \
        --with-openssl=/nginx/openssl-3.3.0 \
        --with-poll_module \
        --with-http_stub_status_module \
        --with-http_ssl_module \
        --with-stream \
    && make \
    && make install 
 
WORKDIR /nginx
RUN rm -rf openssl-3.3.0 pcre2-10.43 zlib-1.3.1 ngx_http_proxy_connect_module-0.0.6
 
FROM base AS rt
COPY --from=build /nginx /nginx
ENV PATH=$PATH:/nginx/sbin
EXPOSE 80
EXPOSE 443
CMD [ "nginx", "-g", "daemon off;" ]

配置文件在/nginx/conf/下。

重点正向代理配置：

 server {
    listen       1080;
    resolver     8.8.8.8;
    proxy_connect;
    proxy_connect_allow            443 563;
    proxy_connect_connect_timeout  10s;
    proxy_connect_read_timeout     10s;
    proxy_connect_send_timeout     10s;
    #charset koi8-r;
 
    #access_log  logs/host.access.log  main;
 
    location / {
        allow 192.168.1.0/24;
        deny all;
        proxy_pass http://$host;
        proxy_set_header Host $host;
    }
 
 
 
 
    #error_page  404              /404.html;
 
    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   html;
    }
 
    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
    #
    #location ~ \.php$ {
    #    proxy_pass   http://127.0.0.1;
    #}
 
    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    #location ~ \.php$ {
    #    root           html;
    #    fastcgi_pass   127.0.0.1:9000;
    #    fastcgi_index  index.php;
    #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
    #    include        fastcgi_params;
    #}
 
    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    #location ~ /\.ht {
    #    deny  all;
    #}
}

全部配置

  
#user  nobody;
worker_processes  1;
 
#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;
 
#pid        logs/nginx.pid;
 
 
events {
    worker_connections  1024;
}
 
 
http {
    include       mime.types;
    default_type  application/octet-stream;
 
    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';
 
    #access_log  logs/access.log  main;
 
    sendfile        on;
    #tcp_nopush     on;
 
    #keepalive_timeout  0;
    keepalive_timeout  65;
 
    #gzip  on;
 
    server {
        listen       80;
        server_name  localhost;
 
        #charset koi8-r;
 
        #access_log  logs/host.access.log  main;
 
        location / {
            root   html;
            index  index.html index.htm;
        }
 
        #error_page  404              /404.html;
 
        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
 
        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}
 
        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #    root           html;
        #    fastcgi_pass   127.0.0.1:9000;
        #    fastcgi_index  index.php;
        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        #    include        fastcgi_params;
        #}
 
        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
    }
 
    server {
        listen       1080;
        resolver     8.8.8.8;
        proxy_connect;
        proxy_connect_allow            443 563;
        proxy_connect_connect_timeout  10s;
        proxy_connect_read_timeout     10s;
        proxy_connect_send_timeout     10s;
        #charset koi8-r;
 
        #access_log  logs/host.access.log  main;
 
        location / {
            allow 192.168.1.0/24;
            deny all;
            proxy_pass http://$host;
            proxy_set_header Host $host;
        }
 
 
 
 
        #error_page  404              /404.html;
 
        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
 
        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}
 
        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #    root           html;
        #    fastcgi_pass   127.0.0.1:9000;
        #    fastcgi_index  index.php;
        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        #    include        fastcgi_params;
        #}
 
        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
    }
 
    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen       8000;
    #    listen       somename:8080;
    #    server_name  somename  alias  another.alias;
 
    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}
 
 
    # HTTPS server
    #
    #server {
    #    listen       443 ssl;
    #    server_name  localhost;
 
    #    ssl_certificate      cert.pem;
    #    ssl_certificate_key  cert.key;
 
    #    ssl_session_cache    shared:SSL:1m;
    #    ssl_session_timeout  5m;
 
    #    ssl_ciphers  HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers  on;
 
    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}
}

posted @ 2024-05-15 10:28 咕咚! 阅读(156) 评论(0) 编辑收藏举报

刷新页面返回顶部

登录后才能查看或发表评论，立即登录或者逛逛博客园首页

相关博文：

· OpenStack Client 安装及配置

· opsenstack glance client的安装和配置

· Nginx 正向代理

· Nginx教程

· 服务器上用docker安装nginx 并做反向代理和负载均衡

阅读排行：
· 分享4款.NET开源、免费、实用的商城系统
· 全程不用写代码，我用AI程序员写了一个飞机大战
· MongoDB 8.0这个新功能碉堡了，比商业数据库还牛
· 白话解读 Dapr 1.15：你的「微服务管家」又秀新绝活了
· 上周热点回顾（2.24-3.2）

公告

昵称：咕咚!
园龄： 7年3个月
粉丝： 22
关注： 29

+加关注

2025年3月

日

一

二

三

四

五

六

随笔档案

文章档案

2022年3月(1)

咕咚！

Docker 编译安装Nginx正向代理

公告

搜索

常用链接

我的标签

积分与排名

随笔档案

文章档案

阅读排行榜

评论排行榜

推荐排行榜

最新评论

	.
	├── Dockerfile
	├── Dockerfile.bak
	├── nginx-1.24.0.tar.gz
	├── nginx.conf
	├── openssl-3.3.0.tar.gz
	├── pcre2-10.43.tar.bz2
	├── pcre-8.45.tar.bz2
	├── v0.0.6.zip
	└── zlib-1.3.1.tar.gz

	# make base image.
	FROM debian:bookworm-20240423-slim AS base
	LABEL maintainer="RocSun <oldsixa@163.com>"

	RUN rm -rf /etc/apt/sources.list.d/* \
	&& echo " " > /etc/apt/sources.list \
	&& echo "deb http://mirrors.tuna.tsinghua.edu.cn/debian/ bookworm main contrib non-free non-free-firmware" >> /etc/apt/sources.list \
	&& echo "deb http://mirrors.tuna.tsinghua.edu.cn/debian/ bookworm-updates main contrib non-free non-free-firmware" >> /etc/apt/sources.list \
	&& echo "deb http://mirrors.tuna.tsinghua.edu.cn/debian/ bookworm-backports main contrib non-free non-free-firmware" >> /etc/apt/sources.list \
	&& apt clean

	FROM base AS pb
	RUN apt update \
	&& apt install -y --allow-downgrades libc6=2.36-9+deb12u4 libc-dev-bin=2.36-9+deb12u4 \
	&& apt install -y build-essential zlib1g-dev libpcre3-dev libssl-dev unzip bzip2 automake pkg-config

	# build source.
	FROM pb AS build

	ADD ./* /

	RUN mkdir /nginx \
	&& unzip -d /nginx/ /v0.0.6.zip \
	&& mv /openssl-3.3.0 /nginx/ \
	&& mv /pcre2-10.43 /nginx/ \
	&& mv /zlib-1.3.1 /nginx/

	RUN cd /nginx-1.24.0 \
	&& patch -p1 < /nginx/ngx_http_proxy_connect_module-0.0.6/patch/proxy_connect_rewrite_102101.patch \
	&& ./configure --prefix=/nginx --add-module=/nginx/ngx_http_proxy_connect_module-0.0.6 \
	--with-pcre=/nginx/pcre2-10.43 \
	--with-zlib=/nginx/zlib-1.3.1 \
	--with-openssl=/nginx/openssl-3.3.0 \
	--with-poll_module \
	--with-http_stub_status_module \
	--with-http_ssl_module \
	--with-stream \
	&& make \
	&& make install

	WORKDIR /nginx
	RUN rm -rf openssl-3.3.0 pcre2-10.43 zlib-1.3.1 ngx_http_proxy_connect_module-0.0.6

	FROM base AS rt
	COPY --from=build /nginx /nginx
	ENV PATH=$PATH:/nginx/sbin
	EXPOSE 80
	EXPOSE 443
	CMD [ "nginx", "-g", "daemon off;" ]

	server {
	listen 1080;
	resolver 8.8.8.8;
	proxy_connect;
	proxy_connect_allow 443 563;
	proxy_connect_connect_timeout 10s;
	proxy_connect_read_timeout 10s;
	proxy_connect_send_timeout 10s;
	#charset koi8-r;

	#access_log logs/host.access.log main;

	location / {
	allow 192.168.1.0/24;
	deny all;
	proxy_pass http://$host;
	proxy_set_header Host $host;
	}




	#error_page 404 /404.html;

	# redirect server error pages to the static page /50x.html
	#
	error_page 500 502 503 504 /50x.html;
	location = /50x.html {
	root html;
	}

	# proxy the PHP scripts to Apache listening on 127.0.0.1:80
	#
	#location ~ \.php$ {
	# proxy_pass http://127.0.0.1;
	#}

	# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
	#
	#location ~ \.php$ {
	# root html;
	# fastcgi_pass 127.0.0.1:9000;
	# fastcgi_index index.php;
	# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
	# include fastcgi_params;
	#}

	# deny access to .htaccess files, if Apache's document root
	# concurs with nginx's one
	#
	#location ~ /\.ht {
	# deny all;
	#}
	}


	#user nobody;
	worker_processes 1;

	#error_log logs/error.log;
	#error_log logs/error.log notice;
	#error_log logs/error.log info;

	#pid logs/nginx.pid;


	events {
	worker_connections 1024;
	}


	http {
	include mime.types;
	default_type application/octet-stream;

	#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
	# '$status $body_bytes_sent "$http_referer" '
	# '"$http_user_agent" "$http_x_forwarded_for"';

	#access_log logs/access.log main;

	sendfile on;
	#tcp_nopush on;

	#keepalive_timeout 0;
	keepalive_timeout 65;

	#gzip on;

	server {
	listen 80;
	server_name localhost;

	#charset koi8-r;

	#access_log logs/host.access.log main;

	location / {
	root html;
	index index.html index.htm;
	}

	#error_page 404 /404.html;

	# redirect server error pages to the static page /50x.html
	#
	error_page 500 502 503 504 /50x.html;
	location = /50x.html {
	root html;
	}

	# proxy the PHP scripts to Apache listening on 127.0.0.1:80
	#
	#location ~ \.php$ {
	# proxy_pass http://127.0.0.1;
	#}

	# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
	#
	#location ~ \.php$ {
	# root html;
	# fastcgi_pass 127.0.0.1:9000;
	# fastcgi_index index.php;
	# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
	# include fastcgi_params;
	#}

	# deny access to .htaccess files, if Apache's document root
	# concurs with nginx's one
	#
	#location ~ /\.ht {
	# deny all;
	#}
	}

	server {
	listen 1080;
	resolver 8.8.8.8;
	proxy_connect;
	proxy_connect_allow 443 563;
	proxy_connect_connect_timeout 10s;
	proxy_connect_read_timeout 10s;
	proxy_connect_send_timeout 10s;
	#charset koi8-r;

	#access_log logs/host.access.log main;

	location / {
	allow 192.168.1.0/24;
	deny all;
	proxy_pass http://$host;
	proxy_set_header Host $host;
	}




	#error_page 404 /404.html;

	# redirect server error pages to the static page /50x.html
	#
	error_page 500 502 503 504 /50x.html;
	location = /50x.html {
	root html;
	}

	# proxy the PHP scripts to Apache listening on 127.0.0.1:80
	#
	#location ~ \.php$ {
	# proxy_pass http://127.0.0.1;
	#}

	# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
	#
	#location ~ \.php$ {
	# root html;
	# fastcgi_pass 127.0.0.1:9000;
	# fastcgi_index index.php;
	# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
	# include fastcgi_params;
	#}

	# deny access to .htaccess files, if Apache's document root
	# concurs with nginx's one
	#
	#location ~ /\.ht {
	# deny all;
	#}
	}

	# another virtual host using mix of IP-, name-, and port-based configuration
	#
	#server {
	# listen 8000;
	# listen somename:8080;
	# server_name somename alias another.alias;

	# location / {
	# root html;
	# index index.html index.htm;
	# }
	#}


	# HTTPS server
	#
	#server {
	# listen 443 ssl;
	# server_name localhost;

	# ssl_certificate cert.pem;
	# ssl_certificate_key cert.key;

	# ssl_session_cache shared:SSL:1m;
	# ssl_session_timeout 5m;

	# ssl_ciphers HIGH:!aNULL:!MD5;
	# ssl_prefer_server_ciphers on;

	# location / {
	# root html;
	# index index.html index.htm;
	# }
	#}
	}