在nginx配置文件上实现https [英] implement https on nginx config file
问题描述
我有一个用vuejs编写的单页应用程序我想使用digitalocean,nginx和docker部署应用程序
I have a single page application written with vuejs and i want to deploy the application using digitalocean, nginx and docker
我的问题是,我需要添加到配置文件/docker文件中的内容是什么使该应用程序将使用https而不使用http?(我将使用自签名证书)
my question is, what do i need to add to the config file/docker file to make that the app will use https and not http? (i'm going to use self signed certificates)
是的,我已经搜索了问题,但似乎没有任何效果带有该模板.
yes, i searched the question already, but nothing seems to work with that template.
此外,此应用程序的后端是带有express的nodejs将位于同一台数字海洋服务器上的不同容器中
also, the backend for this app is nodejs with express that will be on different container on the same digital ocean server
我正在使用vue docs中的docker文件模板:
Im using the docker file template from vue docs:
dockerfile:
dockerfile:
# build stage
FROM node:9.11.1-alpine as build-stage
WORKDIR /app
COPY package*.json ./
RUN npm install
COPY . .
RUN npm run build
# production stage
FROM nginx:1.13.12-alpine as production-stage
COPY --from=build-stage /app/dist /usr/share/nginx/html
EXPOSE 80
CMD ["nginx", "-g", "daemon off;"]
nginx.conf:
nginx.conf:
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
谢谢.
推荐答案
在构建期间仅复制SSL和conf都将其同时保存在docker文件根目录的 configs/nginx/中
Just copy SSL and conf during build time keep both in configs/nginx/ in the root of your docker file
# build stage
FROM node:9.11.1-alpine as build-stage
WORKDIR /app
COPY package*.json ./
RUN npm install
COPY . .
RUN npm run build
COPY configs/nginx/conf.d/ /etc/nginx/conf.d/
COPY configs/nginx/nginx.conf /etc/nginx/nginx.conf
COPY configs/nginx/ssl/ /etc/nginx/ssl/
RUN rm -rf /etc/nginx/conf.d/default.conf
# production stage
FROM nginx:1.13.12-alpine as production-stage
COPY --from=build-stage /app/dist /usr/share/nginx/html
EXPOSE 80
CMD ["nginx", "-g", "daemon off;"]
您的nginx.conf
your nginx.conf
#test comment4
user nginx;
daemon off;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 120;
gzip on;
include /etc/nginx/conf.d/*.conf;
}
/etc/nginx/conf.d/mydoamin.com
server {
listen 80;
server_name mydomain.com default_server;
add_header 'Cache-Control' 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
expires off;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name mydomain.com;
client_max_body_size 32M;
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
ssl_certificate /etc/nginx/ssl/mydomain.bundle.crt;
ssl_certificate_key /etc/nginx/ssl/mydomain.com.key;
root "/usr/share/nginx/html";
index index.html index.htm index.php; #####fruther config####
}
所以更新命令将是
docker run -it --add-host boomerb2b.com:192.168.1.23 -p 443:443 -p 80:80 --rm --name app nginx-ssl:latest
此外,如果不解析域,请在/etc/hosts处添加值
Also, add value at /etc/hosts if not resolving domain
vim /etc/hosts/
192.168.1.23 boomerb2b.com
这篇关于在nginx配置文件上实现https的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
