docker 容器内的 Nginx SSL
Nginx SSL inside a docker container
我已将 Docker 容器配置到 运行 Nginx 并设置 /etc/nginx/sites-available/default 文件,如下所示
server
{
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
root /usr/share/nginx/html;
index index.php index.html index.htm;
server_name example.com;
location / {
try_files $uri $uri/ /index.html;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
server
{
listen 443;
root /usr/share/nginx/html;
index index.php index.html index.htm;
server_name example.com;
ssl on;
ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
location / {
try_files $uri $uri/ /index.html;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
当我 运行 docker 容器
时,我在主机上映射 /etc/ssl/certs 和 /etc/ssl/private 文件夹
docker run -dt -p 8080:443 -p 8081:80 -v /t-base/log:/var/log/nginx -v
/etc/ssl/certs:/etc/ssl/certs -v /etc/ssl/private:/etc/ssl/private nginx
Docker ps shows
Up n minutes 0.0.0.0:8081->80/tcp 0.0.0.0:8080->443/tcp <container-name>
并且映射的 /t-base/log 文件夹中的 nginx 错误日志文件保持为空。
docker exec -it <container-name> /bin/bash
接着是
service nginx status
刚回来说nginx是运行ning.
以上所有情况都表明一切正常。但是,我发现虽然我可以浏览到
http://example.com:8080
打开默认页面
https://example.com:8081
Chrome 向我展示了默认的 "sad smiley" 错误页面。我看不出我在这里做错了什么。如果有任何帮助,我将不胜感激。
您已互换端口。根据这个命令行-p 8080:443 -p 8081:80,你应该做:
https://example.com:8080 注意这是 https
和
http://example.com:8081
这应该有效
我已将 Docker 容器配置到 运行 Nginx 并设置 /etc/nginx/sites-available/default 文件,如下所示
server
{
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
root /usr/share/nginx/html;
index index.php index.html index.htm;
server_name example.com;
location / {
try_files $uri $uri/ /index.html;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
server
{
listen 443;
root /usr/share/nginx/html;
index index.php index.html index.htm;
server_name example.com;
ssl on;
ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
location / {
try_files $uri $uri/ /index.html;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
当我 运行 docker 容器
时,我在主机上映射 /etc/ssl/certs 和 /etc/ssl/private 文件夹docker run -dt -p 8080:443 -p 8081:80 -v /t-base/log:/var/log/nginx -v
/etc/ssl/certs:/etc/ssl/certs -v /etc/ssl/private:/etc/ssl/private nginx
Docker ps shows
Up n minutes 0.0.0.0:8081->80/tcp 0.0.0.0:8080->443/tcp <container-name>
并且映射的 /t-base/log 文件夹中的 nginx 错误日志文件保持为空。
docker exec -it <container-name> /bin/bash
接着是
service nginx status
刚回来说nginx是运行ning.
以上所有情况都表明一切正常。但是,我发现虽然我可以浏览到
http://example.com:8080
打开默认页面
https://example.com:8081
Chrome 向我展示了默认的 "sad smiley" 错误页面。我看不出我在这里做错了什么。如果有任何帮助,我将不胜感激。
您已互换端口。根据这个命令行-p 8080:443 -p 8081:80,你应该做:
https://example.com:8080 注意这是 https
和
http://example.com:8081
这应该有效