## 部署项目 [docker环境nginx部署静态项目](https://blog.codesensi.top/archives/20210228001) ## 修改配置文件 ```Shell cd /home/docker/nginx/conf.d vim demo.conf ``` 按需复制以下内容粘贴到`demo.conf` `静态项目使用` ```Shell server { listen 80; # 监听80端口 server_name codesensi.com www.codesensi.com; # 绑定证书的域名 #把http的域名请求转成https return 301 https://$host$request_uri; } # 强制重定向 server { listen 443 ssl; server_name codesensi.com www.codesensi.com; # 自己的域名 ssl_certificate /home/cert/4312001_codesensi.top.pem; ssl_certificate_key /home/cert/4312001_codesensi.top.key; ssl_session_timeout 5m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; ssl_prefer_server_ciphers on; location / { root /usr/share/nginx/html; index index.html; proxy_set_header HOST $host; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } } ``` `非静态项目使用` ```Shell upstream demo { server 127.0.0.1:8080; } server { listen 80; # 监听80端口 server_name demo.codesensi.top; # 绑定证书的域名 #把http的域名请求转成https return 301 https://$host$request_uri; } # 强制重定向 server { listen 443 ssl; server_name demo.codesensi.top; # 自己的域名 ssl_certificate /home/cert/demo.codesensi.top.pem; ssl_certificate_key /home/cert/demo.codesensi.top.key; ssl_session_timeout 5m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; ssl_prefer_server_ciphers on; location / { proxy_pass http://demo; proxy_set_header HOST $host; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } } ``` ## 上传https证书 上传路径：`/home/docker/nginx/cert`  ## 重启nginx ```Shell docker restart nginx ``` 浏览器域名访问即可