Nginx配置https

Nginx配置https

前端镜像使用Nginx做基础镜像，配置https步骤如下：

1、生成证书

2、nginx.conf文件中添加https server配置

# HTTPS server							
	server {							
		listen 8443;						
		server_name abc.xxx.com; #需要访问的域名，这里也不用加https;						
		ssl on;						
		ssl_certificate    cert/server.crt; #这里是ssl key文件存放的路径，根据自己的文件名称和路径来写, 挂载到容器中请填写容器中路径						
		ssl_certificate_key    cert/server.key; #这里是ssl key文件存放的路径，根据自己的文件名称和路径来写，挂在到容器中请填写容器路径						
		ssl_session_cache shared:SSL:1m;						
		ssl_session_timeout 5m;						
		ssl_ciphers HIGH:!aNULL:!MD5;						
		ssl_prefer_server_ciphers on;						
		location / {						
			root   /app/dist;					
			autoindex  off;					
			autoindex_exact_size  off;					
			inedx  index.html  index.htm;					
		}						
		location ^~ /web/ {						
			proxy_pass http://Nodes;					
			proxy_set_header Host $host;					
			proxy_set_header X-Real-IP $remote_addr;					
			proxy_set_header X-Forwarded-For $proxy_addr_x_forwarder_for;					
			proxy_connect_timeout 2;					
			proxy_read_tomoeout 300;					
			proxy_send_timeout 300;					
		}						
	}

3、将nginx.conf和证书挂载到镜像中

docker启动脚本中添加挂载目录

docker run -d \							
	-p 8080:8080 -p 8443:8443 \							
	--name app-front \							
	--network host \							
	--mount type=bind, source= ${CONFIG_FOLDER}, target=/app/dist/static/config,readonly \							
	--mount type=bind,source=${CERT_FOLDER},target=/etc/nginx/cert \							
	--mount type=bind,source=${NGINX_CONF_PATH},target=/etc/nginx/nginx.conf \							
	--add-host=back1.xxxx.com:${NODE_AP5} \							
	--add-host=back1.xxxx.com:${NODE_AP6} \							
	--add-host=back1.xxxx.com:${NODE_AP7} \							
	${DOCKER_REGISTRY}/${DOCKER_IMAGE}

4、修改原前端入口文件config.js

/* eslint-disable no-unuseed-cars */								
const config = {								
	baseURL: 'https://abc.xxx.com:8443/web/',							
	ssoRedirectToURL:'xxxurl?redirectTo=https://abc.xxx.com/',							
	timeout: 180000,							
	loginMode: 'token',							
	defaultLan: 'ja',							
	uploadFileSize: 2 /* unit:M */							
}	

5、重新启动nginx

原来的容器需要先删除掉
浏览器访问URL：https://abc.com:8443/login