1屏箍、直接安裝最新的nginx
docker pull nginx
2、由于后期需要方便配置與管理nginx铣除,需要把nginx容器內的文件夾進行掛載到宿主機中,所以此處需要進行到自己心儀的盤中創(chuàng)建文件夾(本次說明在/home)
mkdir nginx && cd $_ && mkdir -p {ssl,config,logs}
ssl放域名對應證書
config放nginx配置文件
logs放nginx日志
3尚粘、先啟動一個nginx容器用于cp對應的文件夾類型,用于后期掛載使用
docker run --name nginx -p 80:80 -d nginx
4敲长、進行容器文件cp
nginx容器內部文件夾詳情
docker cp nginx:/etc/nginx/nginx.conf /home/nginx/config/
docker cp nginx:/etc/nginx/conf.d /home/nginx
docker cp nginx:/usr/share/nginx/html /home/nginx
5、此時需要停止并刪除已啟動容器
docker stop nginx
docker rm nginx
6祈噪、把我們域名對應的證書放置ssl文件夾中
7、現(xiàn)在開始配置一下我們的nginx.conf文件了(注意:本例子80端口強制跳轉到443辑鲤,即強https)
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
client_max_body_size 100m;
include mime.types;
server {
listen 80;
server_name www.xxx.com;
rewrite ^(.*) https://$server_name$1 permanent;
}
server {
listen 443 ssl; # 1.1版本后這樣寫
server_name www.xxx.com; #填寫綁定證書的域名
ssl_certificate /etc/nginx/ssl/xxx.com.pem; # 指定證書的位置,絕對路徑
ssl_certificate_key /etc/nginx/ssl/xxx.com.key; # 絕對路徑月褥,同上
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #按照這個協(xié)議配置
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;#按照這個套件配置
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:1m;
fastcgi_param HTTPS on;
fastcgi_param HTTP_SCHEME https;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
root /usr/share/nginx/html;
try_files $uri $uri/ /index.html;
}
}
# 引入擴展配置(可以細分服務nginx)
include /etc/nginx/conf.d/*.conf;
}
8、此時可以輸入命令進行啟動容器
docker run --name nginx -p 443:443 -p 80:80 -v /home/nginx/html:/usr/share/nginx/html -v /home/nginx/config/nginx.conf:/etc/nginx/nginx.conf -v /home/nginx/logs:/var/log/nginx -v /home/nginx/ssl:/etc/nginx/ssl --privileged=true -d --restart=always nginx
9宁赤、此時啟動成功完畢
10、瀏覽器輸入對應域名或者ip即可訪問
11决左、修改配置nginx配置文件后加載
docker exec 容器id nginx -t
docker exec 容器id nginx -s reload
