docker nginx ssl

运行docker 容器里的nginx

docker run —name nginx-latest -p 80:80 -p 443:443 -d nginx

将配置的default.conf拷贝到docker里

docker cp default.conf nginx-latest:/etc/nginx/conf.d/

将ssl拷贝到docker容器nginx

docker cp /root/certificate/ssl/ nginx-latest:/etc/nginx/conf.d/

进入到docker 容器 nginx里

docker exec -it nginx-latest /bin/bash

default.conf内容：

server {

    listen       443 ssl;

    server_tokens off;

    server_name  example.com;

    root /usr/share/nginx/html;

    index index.html index.htm;

    #access_log  /var/log/nginx/host.access.log  main;

    ssl_certificate ssl/example.com_bundle.crt;

    ssl_certificate_key ssl/example.com.key;

    ssl_session_timeout 5m;

    ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;

    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;

    ssl_prefer_server_ciphers on;

    location / {

        root   /usr/share/nginx/html;

        index  index.html index.htm;

    }

    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html

    #

    error_page   500 502 503 504  /50x.html;

    location = /50x.html {

        root   /usr/share/nginx/html;

    }

    # proxy the PHP scripts to Apache listening on 127.0.0.1:80

    #

    #location ~ \.php$ {

    #    proxy_pass   http://127.0.0.1;

    #}

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000

    #

    #location ~ \.php$ {

    #    root           html;

    #    fastcgi_pass   127.0.0.1:9000;

    #    fastcgi_index  index.php;

    #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;

    #    include        fastcgi_params;

    #}

    # deny access to .htaccess files, if Apache's document root

    # concurs with nginx's one

    #

    #location ~ /\.ht {

    #    deny  all;

    #}

}

server {

    listen       80;

    server_name  example.com;

    rewrite ^(.*)$ https://$host$1;

    return 301 https://$host$request_uri;

}