启动命令
docker run -d -p 80:80 --name nginx -v $PWD/nginx.conf:/etc/nginx/nginx.conf -v $PWD/conf.d/:/etc/nginx/conf.d/ -v $PWD/ssl/:/etc/nginx/ssl/ --restart unless-stopped nginx:1.14.2
ssl:目录下放置ssl证书
nginx.conf:全局配置文件
conf.d/www.demo.com.conf:对应域名配置
参考配置:
nginx.conf
user nginx; worker_processes auto; worker_rlimit_nofile 65535; events { use epoll; worker_connections 65535; multi_accept on; } http { include mime.types; default_type application/octet-stream; charset utf-8; sendfile on; tcp_nopush on; tcp_nodelay on; reset_timedout_connection on; keepalive_timeout 65; client_max_body_size 1024m; open_file_cache max=65535 inactive=30s; open_file_cache_min_uses 3; open_file_cache_valid 60s; gzip on; gzip_min_length 256; gzip_types *; include /etc/nginx/conf.d/*.conf; }
conf.d/www.demo.com.conf
server { listen 80; server_name www.demo.com; return 301 https://$host$request_uri; } server { listen 443 ssl; server_name www.demo.com; ssl_certificate /etc/nginx/ssl/www.demo.com.crt; ssl_certificate_key /etc/nginx/ssl/www.demo.com.key; ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; location / { proxy_pass http://localhost:8060; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } }