一、创建nginx实例环境
1、随便启动一个nginx实例,只是为了复制出配置
docker run -p 80:80 --name nginx -d nginx:1.102、创建/mydata/nginx目录
cd /mydata mkdir nginx3、将容器内的配置文件拷贝到当前目录:
docker container cp nginx:/etc/nginx .注意:最后的点
4、修改文件名称:
mv nginx conf5、把这个conf移动到/mydata/nginx下
6、终止原容器:
docker stop nginx7、执行命令删除原容器:
docker rm $ContainerId8、创建新的nginx;执行以下命令
docker run -p 80:80 -p 443:443 --name nginx \ -v /mydata/nginx/html:/usr/share/nginx/html/:rw \ -v /mydata/nginx/logs:/var/log/nginx/:rw \ -v /mydata/nginx/conf:/etc/nginx/:rw \ -v /mydata/nginx/ssl:/ssl/:rw \ -d nginx:1.109、设置nginx开机自启动
docker update nginx --restart=always二、配置反向代理
1、修改nginx配置文件,conf/nginx.conf,增加服务节点
#配置wlds.zwfw.com:80对应的服务器监听端口 upstream wlds.zwfw.com { server 192.168.10.110:8081; } 
2、进入conf/conf.d目录,拷贝default.conf为wlds.zwfw.conf,编辑wlds.zwfw.conf
server { listen 80; listen 443 ssl; server_name wlds.zwfw.com; #增加ssl #ssl on; #如果强制HTTPs访问,这行要打开 ssl_certificate /ssl/server.crt; ssl_certificate_key /ssl/server.key; ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; #制定密码为openssl支持的格式 ssl_protocols SSLv2 SSLv3 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; #密码加密方式 ssl_prefer_server_ciphers on; #依赖SSLv3和TLSv1协议的服务器密码将优先于客户端密码 #charset koi8-r; #access_log /var/log/nginx/log/host.access.log main; location / { proxy_pass http://wlds.zwfw.com; #配置默认访问页,这里就会访问wlds.zwfw.com里面的首页 index index.html index.htm index.jsp; } location /ac-product/ { proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header REMOTE-HOST $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://wlds.zwfw.com/ac-product/; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/html; } # proxy the PHP scripts to Apache listening on 127.0.0.1:80 # #location ~ \.php$ { # proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # #location ~ \.php$ { # root html; # fastcgi_pass 127.0.0.1:9000; # fastcgi_index index.php; # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; # include fastcgi_params; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } 
三、配置ssl
1、设置server.key,这里需要设置两遍密码:
openssl genrsa -des3 -out server.key 10242、参数设置,首先这里需要输入之前设置的密码:
openssl req -new -key server.key -out server.csr
3、写RSA秘钥(这里也要求输入之前设置的密码):
openssl rsa -in server.key -out server_nopwd.key
4、获取密钥
openssl x509 -req -days 365 -in server.csr -signkey server_nopwd.key -out server.crt 
5、改变密钥文件,将原来的server.key重命名,并把server_nopwd.key重命名为server.key
四、重启nginx,测试访问
docerk restart nginx原文链接:https://blog.csdn.net/u011101295/article/details/122257377
© 版权声明
声明📢本站内容均来自互联网,归原创作者所有,如有侵权必删除。
本站文章皆由CC-4.0协议发布,如无来源则为原创,转载请注明出处。
THE END
