这篇博客详细介绍了如何使用Docker安装和配置Nginx,包括基本的Docker命令来拉取和运行Nginx容器,设置端口映射,挂载本地目录,以及在Docker网络中开启443端口以支持HTTPS。此外,还提供了Nginx配置文件的示例,展示了如何配置SSL证书以实现安全的HTTPS连接。
Docker 安装nginx
docker pull nginx:latest
docker run --name nginx-test -p 8080:80 -d nginx
nginx挂载本地目录
docker run -d --name nginx -p 80:80 -v /data/nginx/html:/usr/share/nginx/html -v /data/nginx/conf/nginx.conf:/etc/nginx/nginx.conf -v /data/nginx/logs:/var/log/nginx -v /data/nginx/conf.d:/etc/nginx/conf.d --restart=always nginx:latest
nginx挂载本地目录,连接docker网络,开启443端口
docker run -d --name nginx -p 443:443 -p 80:80 -v /data/nginx/html:/usr/share/nginx/html -v /data/nginx/conf/nginx.conf:/etc/nginx/nginx.conf -v /data/nginx/logs:/var/log/nginx -v /data/nginx/conf.d:/etc/nginx/conf.d --network test-net --restart=always nginx:latest
相关文件:
/data/nginx/conf/nginx.conf:
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
/data/nginx/conf.d/default.conf:
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log /var/log/nginx/log/host.access.log main;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
# 将端口代理到指定ip上的端口
proxy_pass http://127.0.0.1:8900;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
/data/nginx/html/index.html
hello world
包含ssl证书的配置:
/data/nginx/conf/nginx.conf:
worker_processes 1;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
server_tokens off;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log off;
client_max_body_size 100m;
sendfile on;
tcp_nopush on;
keepalive_timeout 65;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
fastcgi_cache_valid 200 302 1h;
fastcgi_cache_valid any 1m;
fastcgi_cache_min_uses 1;
gzip on;
gzip_vary on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_comp_level 2;
gzip_http_version 1.1;
gzip_disable "MSIE [1-6]\.";
gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png application/vnd.ms-fontobject font/ttf font/opentype font/x-woff image/svg+xml;
include vhost/*.conf;
server {
listen 80;
server_name yourdomain.com; #需要将yourdomain.com替换成证书绑定的域名。
rewrite ^(.*)$ https://$host$1; #将所有HTTP请求通过rewrite指令重定向到HTTPS。
}
# HTTPS server
#
server {
listen 443 ssl;
server_name yourdomain.com;
ssl_certificate /ssl/your证书.pem;
ssl_certificate_key /ssl/your证书key.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://ip:port/;
}
}
}
221
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
