Nginx配置https
Nginx配置https
前端镜像使用Nginx做基础镜像,配置https步骤如下:
1、生成证书
2、nginx.conf文件中添加https server配置
# HTTPS server
server {
listen 8443;
server_name abc.xxx.com; #需要访问的域名,这里也不用加https;
ssl on;
ssl_certificate cert/server.crt; #这里是ssl key文件存放的路径,根据自己的文件名称和路径来写, 挂载到容器中请填写容器中路径
ssl_certificate_key cert/server.key; #这里是ssl key文件存放的路径,根据自己的文件名称和路径来写,挂在到容器中请填写容器路径
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
root /app/dist;
autoindex off;
autoindex_exact_size off;
inedx index.html index.htm;
}
location ^~ /web/ {
proxy_pass http://Nodes;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_addr_x_forwarder_for;
proxy_connect_timeout 2;
proxy_read_tomoeout 300;
proxy_send_timeout 300;
}
}
3、将nginx.conf和证书挂载到镜像中
docker启动脚本中添加挂载目录
docker run -d \
-p 8080:8080 -p 8443:8443 \
--name app-front \
--network host \
--mount type=bind, source= ${CONFIG_FOLDER}, target=/app/dist/static/config,readonly \
--mount type=bind,source=${CERT_FOLDER},target=/etc/nginx/cert \
--mount type=bind,source=${NGINX_CONF_PATH},target=/etc/nginx/nginx.conf \
--add-host=back1.xxxx.com:${NODE_AP5} \
--add-host=back1.xxxx.com:${NODE_AP6} \
--add-host=back1.xxxx.com:${NODE_AP7} \
${DOCKER_REGISTRY}/${DOCKER_IMAGE}
4、修改原前端入口文件config.js
/* eslint-disable no-unuseed-cars */
const config = {
baseURL: 'https://abc.xxx.com:8443/web/',
ssoRedirectToURL:'xxxurl?redirectTo=https://abc.xxx.com/',
timeout: 180000,
loginMode: 'token',
defaultLan: 'ja',
uploadFileSize: 2 /* unit:M */
}
5、重新启动nginx
原来的容器需要先删除掉
浏览器访问URL:https://abc.com:8443/login