基于Docker安装nginx以及配置https

https的证书来源于阿里云的ssl

1、在Docker下载Nginx镜像

docker pull nginx
docker images

2、创建挂载目录

mkdir -p /opt/nginx/{conf,conf.d,html,logs}

3、从阿里云的ssl中下载nginx相关证书，放到 /opt/nginx/conf目录下

4、编写nginx.conf配置文件，放在conf文件夹中

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    sendfile        on;
    #tcp_nopush     on;

	fastcgi_intercept_errors on; #配置404页面跳转的开关 
	
	proxy_connect_timeout 300;
	proxy_send_timeout 300;
	proxy_read_timeout 300;
	
	keepalive_timeout  300;                    
   
    client_max_body_size 100m;         #主要是这个参数，限制了上传文件大大小
	
	upstream muzhiyunServer {  
		server 172.18.171.42:8000;
    } 
  	
	server {
		listen 443 ssl;
		server_name test.api.jianhuotech;
		
		
		#下划线
		underscores_in_headers on;
		
		#获取真实ip
		proxy_set_header Host $host;
		proxy_set_header X-real-ip $remote_addr;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_set_header X-Forwarded-Proto $scheme;
			
		#https部分
		#ssl on;
		root html;
        index index.html index.htm;
        ssl_certificate /etc/nginx/test.pem;
        ssl_certificate_key  /etc/nginx/test.key;
        ssl_session_timeout 5m;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;

		location / {
			proxy_pass http://muzhiyunServer;
		}
	}
}

5、运行nginx

docker run --name nginx -d -p 443:443 -v /opt/nginx/conf/nginx.conf:/etc/nginx/nginx.conf  -v /opt/nginx/logs:/var/log/nginx -v /opt/nginx/conf/test.key:/etc/nginx/test.key -v /opt/nginx/conf/test.pem:/etc/nginx/test.pem -d docker.io/nginx

 -p 443:443 宿主机端口：容器端口

-v /opt/nginx/conf/nginx.conf:/etc/nginx/nginx.conf将宿主机的文件映射到容器