Docker下Nginx最佳部署(单节点)

Image description 三网大流量卡(正规、非野路子、非物联网卡) – 运营商App可查,点击办理

1.运行目录准备

# Webs项目文件夹创建
mkdir -p /opt/webs
#创建Nginx目录
mkdir -p /opt/nginx/{certs,conf.d} ; cd /opt/nginx

2.nginx.conf配置文件准备

cat > nginx.conf << "EOF"
user nginx;
worker_processes auto;

error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;


events {
    worker_connections 1024;
}


http {
    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
    '$status $body_bytes_sent "$http_referer" '
    '"$http_user_agent" "$http_x_forwarded_for"';

    access_log /var/log/nginx/access.log main;

    charset UTF-8;

    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;

    keepalive_timeout 60;

    gzip on;
    gzip_vary on;

    gzip_comp_level 6;
    gzip_buffers 16 8k;

    gzip_min_length 1000;
    gzip_proxied any;
    gzip_disable "msie6";

    gzip_http_version 1.0;

    gzip_types application/atom+xml text/javascript application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/wasm application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;

    server_tokens off;

    include /etc/nginx/conf.d/*.conf;
}

EOF

2.default.conf配置文件准备

cat > conf.d/default.conf  << "EOF"
server {
    listen 80	default_server;
    listen [::]:80	default_server;
    server_name _;

    return 403;

    access_log /var/log/nginx/default-80.access.log main;
}

server {
    listen 443	default_server;
    listen [::]:443	default_server;
    server_name _;

    return 403;

    ssl_certificate	certs/default.crt;
    ssl_certificate_key	certs/default.key;

    access_log /var/log/nginx/default-443.access.log main;
}

EOF

cat > certs/default.crt  << "EOF"
-----BEGIN CERTIFICATE-----
MIID2TCCAsGgAwIBAgICWHcwDQYJKoZIhvcNAQELBQAwczELMAkGA1UEBhMCQ04x
EDAOBgNVBAgMB1RpYW5qaW4xEDAOBgNVBAcMB1RpYW5qaW4xFTATBgNVBAoMDENI
SU5BU1NMIEluYzEpMCcGA1UEAwwgQ0hJTkFTU0wgQ2VydGlmaWNhdGlvbiBBdXRo
b3JpdHkwHhcNMjQwMTAyMDY1NDU4WhcNMjUwMTAxMDY1NDU4WjB/MQswCQYDVQQG
EwJDTjEQMA4GA1UECAwHZGVmYXVsdDEQMA4GA1UECgwHZGVmYXVsdDEQMA4GA1UE
CwwHZGVmYXVsdDEQMA4GA1UEAwwHZGVmYXVsdDEoMCYGCSqGSIb3DQEJARYZYWRt
aW5AbG9jYWxob3N0LmxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBAOms32Vq/0YbG2LpFl4KedF/upzpzNPua06ovN50krDnUCWs6I4MGRjZ
U9H5wawmovVflgiPTaxx5qUtZOQDAUZ7nnFEb0FxFvnu9J/m2oVpZYjzJe30OkUM
Yz+B4LIUV/RMdb4T0aVArKYJqcdBQ0b+Gtc5i8gifkqtOO9V9ZgKa7fkAVESU3BB
Aj8oULTTj0nUIZM2/3mUeERN83vtASE7E4VEToGVKDJJhOGdwCcsYY5EFUjfCg0J
u/KLinUVNtqmTQ+cMjLLA3Lhq4hGOr8Pp0WqKByiL+lEVab7QJCthF/AdT2Y9Ld4
kF4jB0aG/B56xjzTxlNOSSDDknvD3v8CAwEAAaNrMGkwHwYDVR0jBBgwFoAUXB8j
+sjhITHC2Df2iPzSb8JUQzMwCQYDVR0TBAIwADALBgNVHQ8EBAMCBPAwLgYDVR0R
BCcwJYIJbG9jYWxob3N0ggx3d3cudGVzdC5jb22HBMCoAAGHBH8AAAEwDQYJKoZI
hvcNAQELBQADggEBAEP+W8F5HW7ehmugXUgxVOkjR3l5IcL40MBNWI1kbSuyungu
pAsUKKw2bC+RWeKwuKAZWhp9aDiX2sIrA/kudpR8wN/mYL538+/PceCEtiKlrqyS
QkUUExoj2LE3iv/lXFEnmk7LKvPFarRz87s5DHiXSobJQ1FTWxOOwqjcGb21cw4d
A8lD0MgKPZ1YhldkYA1eMWwwjIt1ZRDOahVIxN8owDhQUaAn/nXy8rxhJiu5TT1r
bS7CWL0zJxa9yCUfhDmDGnBfA3MVfDAnt4+ZOVCabt7ex9ksNqvzV8QmRoXtbxNj
AZlqKN6Hg2kcHoLZPPwqEE/3tbKmsHs1mSNOVdg=
-----END CERTIFICATE-----
EOF

cat > certs/default.key  << "EOF"
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDprN9lav9GGxti
6RZeCnnRf7qc6czT7mtOqLzedJKw51AlrOiODBkY2VPR+cGsJqL1X5YIj02sceal
LWTkAwFGe55xRG9BcRb57vSf5tqFaWWI8yXt9DpFDGM/geCyFFf0THW+E9GlQKym
CanHQUNG/hrXOYvIIn5KrTjvVfWYCmu35AFRElNwQQI/KFC0049J1CGTNv95lHhE
TfN77QEhOxOFRE6BlSgySYThncAnLGGORBVI3woNCbvyi4p1FTbapk0PnDIyywNy
4auIRjq/D6dFqigcoi/pRFWm+0CQrYRfwHU9mPS3eJBeIwdGhvweesY808ZTTkkg
w5J7w97/AgMBAAECggEBAKxzhlKkikxEyQtQFc/FT23LI/+VlDJ76/mbEffidDfW
HhIP73iVeRgbm36FIedYhD8uEd2zVJGFZcBVJfYYOaK4rI/O/4R+X4SIU0SG7JI0
3Fgbicx4x2AZ6kz+HsONu/NxUhu7KKcaec/3pbKFeY81DL31nDFRM38NI82N1Lgk
35qPn+RfnPo3AHPqR7S0ZgVM1tJtYaIMxAs1m/+VUp3YFufSAvGSf3GAFmmtkzP/
iXhaVVsBCp+Bwe4wo/bvagEGJG7wXlOpxyYTCGipn5eqlWLuHm9Pu0e9X949xwFj
Hm8PCumtB8lP5ighjBuJjFIbWI/SStmMJpRlXi67qUECgYEA+CmIlb41SyX9TRM0
UJrIf0u/17IXTjfokxDXHIi5Mjv515DoEg18zwNb23JJA+awpjjVCNjH9cIY+UFJ
KYxPEeRCGeMVErdrDpVOXxuhXEM+5/16zs/xBx0R/Um+7xnnf42tAagbtg9+kyYp
VvT6BLjYD3Vpz8kaPav1BTk10FECgYEA8Q41K7gg6bVMkz/chdQs5uOL2zJT2Vvu
30MvqfbItYaBwGgJ57nLw6VuEeM/SJeR7DhgW1lZdIQfrjAOBQaGGCwdRC4JkSHs
SkYUM3mUcuxwOsJRUo8xLA+YC+Sx/uB2hPEAFFEzF9CDBDc/GXv1tFunogY59nop
COGJEARftk8CgYA/F6AoIgG+p1vs+pL0Y0XSR1nw5tBSDJjOuxtVn9Ul1mXAzpCR
9mfi4cG62yWBHmeO+yf+Zc8AxmY/CMAnFgsMS3IazscOyR8oyADy4T13DYmyxZkx
d2CaJGPsd5FZjMZ0gXqYzzqsYOgXVT5xYzsldDFKTNmoAELxpwRWXaM24QKBgHUs
09nRomYYlAWL6HVBYyZE++nsN+gTkTUD4rp61Kuwm4fcytvSa+NJmgyl61AtJWiv
Kt+cuigyRXgVsertdedwIjXPLyVWWRbto8o10lxe5FsbtA4uvtdNKTq2y3M6x0Hu
KHy3z99Gozk8ZbbMk+49E2pmHmzaivHfOBIKHkBvAoGBALTtWK/Jato2WomqGz1M
covAUEfw4rBzsdV9DlOXjdUR86lB3kDryj5tsi20lHvyWNK2nRbIvrG1OdXgOO3+
SfEBSHHSAPoBtdBPh6GKSNwWuBpoH5Ba2Sn3WmtdQBJTn9Zhv8CEcJ4I8vA7VtsC
9erPLqmR94Wus5DtPJAa/v6c
-----END PRIVATE KEY-----
EOF

3.启动脚本

cat > start.sh << "EOF"
#!/bin/bash
docker stop nginx
docker rm nginx

docker run --detach --name nginx \
  --publish 80:80 \
  --publish 443:443 \
  -v /etc/localtime:/etc/localtime:ro \
  -v $PWD/nginx.conf:/etc/nginx/nginx.conf \
  -v $PWD/conf.d:/etc/nginx/conf.d \
  -v $PWD/certs:/etc/nginx/certs \
  -v $PWD/logs:/var/log/nginx \
  -v /opt/webs:/opt/webs \
  --restart unless-stopped \
  nginx:1.24

EOF

4.热加载脚本

cat > reload.sh << "EOF"
#!/bin/bash

docker exec -it nginx bash -c 'nginx -t && nginx -s reload'

EOF

chmod +x reload.sh

5.运行

chmod +x start.sh reload.sh
./start.sh
#查看运行情况
docker logs -f nginx

Image description 三网大流量卡(正规、非野路子、非物联网卡) – 运营商App可查,点击办理

© 版权声明
THE END
喜欢就支持一下吧
点赞0 分享
评论 抢沙发
头像
欢迎您留下宝贵的见解!
提交
头像

昵称

取消
昵称表情代码图片

    暂无评论内容