部署项目

docker环境nginx部署静态项目

修改配置文件

cd /home/docker/nginx/conf.d
vim demo.conf

按需复制以下内容粘贴到demo.conf
静态项目使用

server {
     listen 80; # 监听80端口
     server_name codesensi.com www.codesensi.com;  # 绑定证书的域名
     #把http的域名请求转成https
     return 301 https://$host$request_uri; 
}
# 强制重定向
server {
    listen 443 ssl;
    server_name codesensi.com www.codesensi.com;  # 自己的域名
    ssl_certificate /home/cert/4312001_codesensi.top.pem;
    ssl_certificate_key /home/cert/4312001_codesensi.top.key;
    ssl_session_timeout 5m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
    ssl_prefer_server_ciphers on;

    location / {
        root /usr/share/nginx/html;
        index index.html;
        proxy_set_header HOST $host;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

非静态项目使用

upstream demo {
  server 127.0.0.1:8080;
}
server {
     listen 80; # 监听80端口
     server_name demo.codesensi.top;  # 绑定证书的域名
     #把http的域名请求转成https
     return 301 https://$host$request_uri; 
}
# 强制重定向
server {
    listen 443 ssl;
    server_name demo.codesensi.top;  # 自己的域名
    ssl_certificate /home/cert/demo.codesensi.top.pem;
    ssl_certificate_key /home/cert/demo.codesensi.top.key;
    ssl_session_timeout 5m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
    ssl_prefer_server_ciphers on;

    location / {
        proxy_pass http://demo;
        proxy_set_header HOST $host;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

上传https证书

上传路径:/home/docker/nginx/cert

image.png

重启nginx

docker restart nginx

浏览器域名访问即可

Q.E.D.