【Docker】- docker安装nginx
1、pull nginx
docker pull nginx
2、安装docker
docker run --name nginx -p 80:80 -d nginx
3、将容器中的相应文件copy到刚创建的管理目录中
mkdir /opt/docker/nginx/ // 如果没有自动生成文件夹,需要手动生成一下
docker cp nginx:/etc/nginx/nginx.conf /opt/docker/nginx/ docker cp nginx:/etc/nginx/conf.d /opt/docker/nginx/conf.d/ docker cp nginx:/usr/share/nginx/html/ /opt/docker/nginx/html/ docker cp nginx:/var/log/nginx/ /opt/docker/nginx/logs/ docker cp nginx:/etc/nginx/cert/ /opt/docker/nginx/cert/
4、上一步中最后的cert文件夹可能不存在,进到nginx容器中,手动创建文件夹
// 进入容器 docker exec -it nginx /bin/bash // 进入目标文件夹 cd etc/nginx // 创建文件夹 mkdir cert
5、停止并移除容器
docker stop nginx
docker rm nginx
6、重新挂载
docker run --name nginx -p 80:80 -p 443:443 -v /opt/docker/nginx/nginx.conf:/etc/nginx/nginx.conf -v /opt/docker/nginx/html/:/usr/share/nginx/html/ -v /opt/docker/nginx/logs/:/var/log/nginx/ -v /opt/docker/nginx/conf.d/:/etc/nginx/conf.d -v /opt/docker/nginx/cert/:/etc/nginx/cert --privileged=true -d nginx
7、conf文件配置,配置SS的时候记得将XXX.pem和XXX.key两个文件放到cert文件夹下
server { listen 80; server_name 二级域名.域名.com; client_max_body_size 50M; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; location / { root /usr/share/nginx/html/文件夹/; index index.html index.htm; } location ^~/api/ { proxy_pass http://内网IP:1010/; } }
server {
ssl on;
listen 443 ssl http2;
server_name 二级域名.域名.com;
ssl_certificate cert/XXX.com.pem;
ssl_certificate_key cert/XXX.com.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
root /usr/share/nginx/html/文件夹/;
location / {
try_files $uri $uri/ @router;
index index.html;
}
location @router {
rewrite ^.*$ /index.html last;
}
location ^~/api/ {
proxy_pass http://内网IP:端口号/;
}
# 避免端点安全问题
if ($request_uri ~ "/actuator"){
return 403;
}
}
8、卸载nginx(docker中其他容器和镜像同理)
// 查看所有的容器,包括未运行的容器 docker ps -a // 删除容器 docker rm ID // 查看镜像 docker images // 删除镜像 docker rmi ID
