1.运行目录准备
# Webs项目文件夹创建
mkdir -p /opt/webs
#创建Nginx目录
mkdir -p /opt/nginx/{certs,conf.d} ; cd /opt/nginx2.nginx.conf配置文件准备
cat > nginx.conf << "EOF"
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
charset UTF-8;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 60;
gzip on;
gzip_vary on;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_min_length 1000;
gzip_proxied any;
gzip_disable "msie6";
gzip_http_version 1.0;
gzip_types application/atom+xml text/javascript application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/wasm application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
server_tokens off;
include /etc/nginx/conf.d/*.conf;
}
EOF2.default.conf配置文件准备
cat > conf.d/default.conf << "EOF"
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
return 403;
access_log /var/log/nginx/default-80.access.log main;
}
server {
listen 443 default_server;
listen [::]:443 default_server;
server_name _;
return 403;
ssl_certificate certs/default.crt;
ssl_certificate_key certs/default.key;
access_log /var/log/nginx/default-443.access.log main;
}
EOF
cat > certs/default.crt << "EOF"
-----BEGIN CERTIFICATE-----
MIID2TCCAsGgAwIBAgICWHcwDQYJKoZIhvcNAQELBQAwczELMAkGA1UEBhMCQ04x
EDAOBgNVBAgMB1RpYW5qaW4xEDAOBgNVBAcMB1RpYW5qaW4xFTATBgNVBAoMDENI
SU5BU1NMIEluYzEpMCcGA1UEAwwgQ0hJTkFTU0wgQ2VydGlmaWNhdGlvbiBBdXRo
b3JpdHkwHhcNMjQwMTAyMDY1NDU4WhcNMjUwMTAxMDY1NDU4WjB/MQswCQYDVQQG
EwJDTjEQMA4GA1UECAwHZGVmYXVsdDEQMA4GA1UECgwHZGVmYXVsdDEQMA4GA1UE
CwwHZGVmYXVsdDEQMA4GA1UEAwwHZGVmYXVsdDEoMCYGCSqGSIb3DQEJARYZYWRt
aW5AbG9jYWxob3N0LmxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBAOms32Vq/0YbG2LpFl4KedF/upzpzNPua06ovN50krDnUCWs6I4MGRjZ
U9H5wawmovVflgiPTaxx5qUtZOQDAUZ7nnFEb0FxFvnu9J/m2oVpZYjzJe30OkUM
Yz+B4LIUV/RMdb4T0aVArKYJqcdBQ0b+Gtc5i8gifkqtOO9V9ZgKa7fkAVESU3BB
Aj8oULTTj0nUIZM2/3mUeERN83vtASE7E4VEToGVKDJJhOGdwCcsYY5EFUjfCg0J
u/KLinUVNtqmTQ+cMjLLA3Lhq4hGOr8Pp0WqKByiL+lEVab7QJCthF/AdT2Y9Ld4
kF4jB0aG/B56xjzTxlNOSSDDknvD3v8CAwEAAaNrMGkwHwYDVR0jBBgwFoAUXB8j
+sjhITHC2Df2iPzSb8JUQzMwCQYDVR0TBAIwADALBgNVHQ8EBAMCBPAwLgYDVR0R
BCcwJYIJbG9jYWxob3N0ggx3d3cudGVzdC5jb22HBMCoAAGHBH8AAAEwDQYJKoZI
hvcNAQELBQADggEBAEP+W8F5HW7ehmugXUgxVOkjR3l5IcL40MBNWI1kbSuyungu
pAsUKKw2bC+RWeKwuKAZWhp9aDiX2sIrA/kudpR8wN/mYL538+/PceCEtiKlrqyS
QkUUExoj2LE3iv/lXFEnmk7LKvPFarRz87s5DHiXSobJQ1FTWxOOwqjcGb21cw4d
A8lD0MgKPZ1YhldkYA1eMWwwjIt1ZRDOahVIxN8owDhQUaAn/nXy8rxhJiu5TT1r
bS7CWL0zJxa9yCUfhDmDGnBfA3MVfDAnt4+ZOVCabt7ex9ksNqvzV8QmRoXtbxNj
AZlqKN6Hg2kcHoLZPPwqEE/3tbKmsHs1mSNOVdg=
-----END CERTIFICATE-----
EOF
cat > certs/default.key << "EOF"
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDprN9lav9GGxti
6RZeCnnRf7qc6czT7mtOqLzedJKw51AlrOiODBkY2VPR+cGsJqL1X5YIj02sceal
LWTkAwFGe55xRG9BcRb57vSf5tqFaWWI8yXt9DpFDGM/geCyFFf0THW+E9GlQKym
CanHQUNG/hrXOYvIIn5KrTjvVfWYCmu35AFRElNwQQI/KFC0049J1CGTNv95lHhE
TfN77QEhOxOFRE6BlSgySYThncAnLGGORBVI3woNCbvyi4p1FTbapk0PnDIyywNy
4auIRjq/D6dFqigcoi/pRFWm+0CQrYRfwHU9mPS3eJBeIwdGhvweesY808ZTTkkg
w5J7w97/AgMBAAECggEBAKxzhlKkikxEyQtQFc/FT23LI/+VlDJ76/mbEffidDfW
HhIP73iVeRgbm36FIedYhD8uEd2zVJGFZcBVJfYYOaK4rI/O/4R+X4SIU0SG7JI0
3Fgbicx4x2AZ6kz+HsONu/NxUhu7KKcaec/3pbKFeY81DL31nDFRM38NI82N1Lgk
35qPn+RfnPo3AHPqR7S0ZgVM1tJtYaIMxAs1m/+VUp3YFufSAvGSf3GAFmmtkzP/
iXhaVVsBCp+Bwe4wo/bvagEGJG7wXlOpxyYTCGipn5eqlWLuHm9Pu0e9X949xwFj
Hm8PCumtB8lP5ighjBuJjFIbWI/SStmMJpRlXi67qUECgYEA+CmIlb41SyX9TRM0
UJrIf0u/17IXTjfokxDXHIi5Mjv515DoEg18zwNb23JJA+awpjjVCNjH9cIY+UFJ
KYxPEeRCGeMVErdrDpVOXxuhXEM+5/16zs/xBx0R/Um+7xnnf42tAagbtg9+kyYp
VvT6BLjYD3Vpz8kaPav1BTk10FECgYEA8Q41K7gg6bVMkz/chdQs5uOL2zJT2Vvu
30MvqfbItYaBwGgJ57nLw6VuEeM/SJeR7DhgW1lZdIQfrjAOBQaGGCwdRC4JkSHs
SkYUM3mUcuxwOsJRUo8xLA+YC+Sx/uB2hPEAFFEzF9CDBDc/GXv1tFunogY59nop
COGJEARftk8CgYA/F6AoIgG+p1vs+pL0Y0XSR1nw5tBSDJjOuxtVn9Ul1mXAzpCR
9mfi4cG62yWBHmeO+yf+Zc8AxmY/CMAnFgsMS3IazscOyR8oyADy4T13DYmyxZkx
d2CaJGPsd5FZjMZ0gXqYzzqsYOgXVT5xYzsldDFKTNmoAELxpwRWXaM24QKBgHUs
09nRomYYlAWL6HVBYyZE++nsN+gTkTUD4rp61Kuwm4fcytvSa+NJmgyl61AtJWiv
Kt+cuigyRXgVsertdedwIjXPLyVWWRbto8o10lxe5FsbtA4uvtdNKTq2y3M6x0Hu
KHy3z99Gozk8ZbbMk+49E2pmHmzaivHfOBIKHkBvAoGBALTtWK/Jato2WomqGz1M
covAUEfw4rBzsdV9DlOXjdUR86lB3kDryj5tsi20lHvyWNK2nRbIvrG1OdXgOO3+
SfEBSHHSAPoBtdBPh6GKSNwWuBpoH5Ba2Sn3WmtdQBJTn9Zhv8CEcJ4I8vA7VtsC
9erPLqmR94Wus5DtPJAa/v6c
-----END PRIVATE KEY-----
EOF3.启动脚本
cat > start.sh << "EOF"
#!/bin/bash
docker stop nginx
docker rm nginx
docker run --detach --name nginx \
--publish 80:80 \
--publish 443:443 \
-v /etc/localtime:/etc/localtime:ro \
-v $PWD/nginx.conf:/etc/nginx/nginx.conf \
-v $PWD/conf.d:/etc/nginx/conf.d \
-v $PWD/certs:/etc/nginx/certs \
-v $PWD/logs:/var/log/nginx \
-v /opt/webs:/opt/webs \
--restart unless-stopped \
nginx:1.24
EOF4.热加载脚本
cat > reload.sh << "EOF"
#!/bin/bash
docker exec -it nginx bash -c 'nginx -t && nginx -s reload'
EOF
chmod +x reload.sh5.运行
chmod +x start.sh reload.sh
./start.sh
#查看运行情况
docker logs -f nginx© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
暂无评论内容