1. Download the latest nginx docker image
$ docker pull nginx:latest
2. Start nginx container
Run the following command to start nginx container
docker run --detach \
--name wx-nginx \
-p 443:443\
-p 80:80 \
-v /home/evan/workspace/wxserver/nginx/data:/usr/share/nginx/html:rw\
-v /home/evan/workspace/wxserver/nginx/config/:/etc/nginx//:rw\
-v /home/evan/workspace/wxserver/nginx/config//:/etc/nginx//:rw\
-v /home/evan/workspace/wxserver/nginx/logs:/var/log/nginx/:rw\
-v /home/evan/workspace/wxserver/nginx/ssl:/ssl/:rw\
-d nginx
- Map port 443 for https requests
- Map port 80 for http request;
- The storage directory of nginx's default homepage html is mapped to the directory of the host disk, /home/evan/workspace/wxserver/nginx/data
- nginx's configuration file is mapped to the host disk file, /home/evan/workspace/wxserver/nginx/config/
Here are the following documents,
1. nginx configuration file
First of all, the default configuration file is as follows
#Users running nginxuser nginx;
#The startup process is set to equal the number of CPUsworker_processes 1;
#Global error log and location of PID fileerror_log /var/log/nginx/ warn;
pid /var/run/;
#Work mode and number of connectionsevents {
#The maximum number of concurrencies for a single background work process is set to 1024 worker_connections 1024;
}
http {
#Set mime type include /etc/nginx/;
default_type application/octet-stream;
#Set log format log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/ main;
sendfile on;
#tcp_nopush on;
#Set the event of connection timeout keepalive_timeout 65;
#Enable GZIP compression #gzip on;
include /etc/nginx//*.conf;
}
You can see that the last line also contains another configuration file / to configure the server field
server {
listen 80; # Listen to port 80. If all accesses are forced to be HTTPs, this line needs to be logged out. server_name ; #domain name
#charset koi8-r;
#access_log /var/log/nginx/ main;
# Define the homepage index directory and name location / {
root /usr/share/nginx/html;
index ;
}
#Define error prompt page #error_page 404 /;
#Redirect error page to / error_page 500 502 503 504 /;
location = / {
root /usr/share/nginx/html;
}
}
2. The default homepage html file of nginx
You can define one of this html by yourself, and you can do whatever you want.
At this time, you can access the html file defined by nginx directly through the IP address. However, the access at this time is only http, and the access to https is still not possible. You need to add a certificate to the nginx server.
3. Generate certificates through openssl
To set, you need to set the password twice here:
openssl genrsa -des3 -out 1024
For parameter setting, first you need to enter the password you set before:
openssl req -new -key -out
Then you need to enter the following information, just fill in it, anyway, it's for testing
Country Name (2 letter code) [AU]: Country name State or Province Name (full name) [Some-State]: Province Locality Name (eg, city) []: City Organization Name (eg, company) [Internet Widgits Pty Ltd]: Company name Organizational Unit Name (eg, section) []: Common Name (. server FQDN or YOUR name) []: Website domain name Email Address []: Mail Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: Please enter a password here An optional company name []:
Write the RSA key (the password you set earlier is also required here):
openssl rsa -in -out server_nopwd.key
Get the private key:
openssl x509 -req -days 365 -in -signkey server_nopwd.key -out
After completing this step, we get the certificate file and private key we need
4. Configure nginx server to support https access
Copy the file generated in the previous step to the ssl directory on the host, /home/evan/workspace/wxserver/nginx/ssl.
Then modify the configuration file and add SSL support.
server {
listen 80; # Listen to port 80. If all accesses are forced to be HTTPs, this line needs to be logged out. listen 443 ssl;
server_name ; #domain name
# Add ssl #ssl on; #If you force HTTPs access, this line needs to be opened ssl_certificate /ssl/;
ssl_certificate_key /ssl/;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
# Specify the password to the format supported by openssl ssl_protocols SSLv2 SSLv3 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5; # Password encryption method ssl_prefer_server_ciphers on; # Server passwords that rely on SSLv3 and TLSv1 protocols will take precedence over client passwords
# Define the homepage index directory and name location / {
root /usr/share/nginx/html;
index ;
}
#Redirect error page to / error_page 500 502 503 504 /;
location = / {
root /usr/share/nginx/html;
}
}
Restart nginx container, and now you can access nginx server through https
The above is all the content of this article. I hope it will be helpful to everyone's study and I hope everyone will support me more.