安装docker
可参考小酷之前的文章,不同系统安装略有不同,以下教程可做参考
centos7安装docker、docker-compose
准备https证书
可参考小酷之前的文章,使用cloudflare生成证书,
PS:
- 也可用其他工具生成证书,然后放置到/root/docker_data/nginx/certs下
- 路径可自行修改,但要与下一步证书的映射路径目录保持一致
- 如果只是使用80端口,则可以跳过本步骤,但会提示http连接不安全
docker安装nginx
拉取nginx镜像、并运行nginx容器
docker run -d --name nginx -p 80:80 -p 443:443 -v /root/docker_data/nginx/nginx.conf:/etc/nginx/nginx.conf -v /root/docker_data/nginx/certs:/etc/nginx/certs -v /root/docker_data/nginx/html:/usr/share/nginx/html nginx:latest
修改nginx配置文件
修改宿主机路径/root/docker_data/nginx/下nginx.conf配置文件。
-
域名匹配server_name
-
路径匹配location
-
proxy_pass 配置的要代理的地址(当前服务器或其他服务器)
-
多应用可配置多server块,server块中配置不同的域名和路径
server {
listen 80;
listen [::]:80;
server_name www.xxxxx.com;
location / {
proxy_pass http://你的ip地址:应用端口/;
rewrite ^/(.*)$ /$1 break;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade-Insecure-Requests 1;
proxy_set_header X-Forwarded-Proto https;
}
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name www.xxxxx.com;
ssl_certificate /etc/nginx/certs/cert.pem;
ssl_certificate_key/etc/nginx/certs/key.pem;
location / {
proxy_pass http://你的ip地址:应用端口/;
rewrite ^/(.*)$ /$1 break;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade-Insecure-Requests 1;
proxy_set_header X-Forwarded-Proto https;
}
location /yydsjg {
proxy_pass http://172.17.0.1:54321/;# 这里可以使用本机的dockerIP,也可使用公网IP
rewrite ^/(.*)$ /$1 break;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade-Insecure-Requests 1;
proxy_set_header X-Forwarded-Proto https;
}
}