Docker nginx部署阿里https(最新的方案)
生活随笔
收集整理的這篇文章主要介紹了
Docker nginx部署阿里https(最新的方案)
小編覺得挺不錯的,現(xiàn)在分享給大家,幫大家做個參考.
1.安裝nginx
docker pull nginx2.啟動容器(注意80跟443,自己注意下自己的服務(wù)器 80.443端口有沒有打開)
docker run --name nginx -d -p 80:80 -p 443:443 nginx3.測試
瀏覽器 ip
4.進入容器
docker exec -it nginx /bin/bash5.在etc/nginx下創(chuàng)建一個目錄 cert
cd erc/nginx mkdir cert6.把證書放到cert目錄下
docker cp xianbao.pem nginx:/etc/nginx/cert/xianbao.pem docker cp xianbao.key nginx:/etc/nginx/cert/xianbao.key7.把容器的nginx.conf文件拉出來修改
docker cp nginx:/etc/nginx/nginx.conf nginx.conf查詢已經(jīng)部署的tomcat的內(nèi)網(wǎng)ip地址(再配置文件中)
docker inspect mytomcat1|grep "IPAddress"8.修改nginx.conf
user nginx; worker_processes 1;error_log /var/log/nginx/error.log warn; pid /var/run/nginx.pid;events {worker_connections 1024; }http {include /etc/nginx/mime.types;default_type application/octet-stream;log_format main '$remote_addr - $remote_user [$time_local] "$request" ''$status $body_bytes_sent "$http_referer" ''"$http_user_agent" "$http_x_forwarded_for"';access_log /var/log/nginx/access.log main;sendfile on;#tcp_nopush on;keepalive_timeout 65;#開啟壓縮,提高網(wǎng)站的訪問銷量gzip on;gzip_min_length 1k;gzip_buffers 4 16k;#gzip_http_version 1.0;gzip_comp_level 2;gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png;gzip_vary off;gzip_disable "MSIE [1-6]\.";#include /etc/nginx/conf.d/*.conf;upstream tomcat_client {server 172.17.0.6:8080;#修改為自己tomcat的內(nèi)網(wǎng)ip端口} server {server_name www.xianbaovip.com; #域名listen 80 default_server;listen [::]:80 default_server ipv6only=on;location / {proxy_pass http://tomcat_client;proxy_redirect default;proxy_set_header Host $host;proxy_set_header X-Real-IP $remote_addr;}}server {listen 443;server_name www.xianbaovip.com; #域名ssl on;root html;index index.html index.htm;ssl_certificate /etc/nginx/cert/xianbao.pem; #修改為自己證書的路徑ssl_certificate_key /etc/nginx/cert/xianbao.key;#修改為自己證書的路徑ssl_session_timeout 5m;ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;ssl_protocols TLSv1 TLSv1.1 TLSv1.2;ssl_prefer_server_ciphers on;location / {proxy_pass http://tomcat_client;proxy_redirect default;proxy_set_header Host $host;proxy_set_header X-Real-IP $remote_addr;}} }9.nginx.conf覆蓋到容器中
docker cp nginx.conf nginx:/etc/nginx/nginx.conf10.重啟nginx
docker restart nginx修改tocmat的server.xml(自行修改)
<Connector connectionTimeout="20000" port="8080" executor="tomcatThreadPool" acceptCount="600" protocol="org.apache.coyote.http11.Http11AprProtocol"redirectPort="8443" scheme="https"proxyPort="443"/>主要是:proxyPort="443"這句要加上,然后重啟tomcat 然后就配置好了
番外 讓nginx80端口強制跳轉(zhuǎn)443(把server listen端口替換成這端)
server {listen 80;server_name www.xianbaovip.com;#域名#告訴瀏覽器有效期內(nèi)只準用 https 訪問add_header Strict-Transport-Security max-age=15768000;#永久重定向到 https 站點return 301 https://www.xianbaovip.com$request_uri;#域名}總結(jié)
以上是生活随笔為你收集整理的Docker nginx部署阿里https(最新的方案)的全部內(nèi)容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: 最新 Docker 部署nginx To
- 下一篇: 小程序 wx.getBackground