Nginx docker-compose 部署案例

教程分享 > Docker部署案例 (102) 2024-11-21 12:15:35

docker-compse.yml配置

version: "3.8"
networks:
 vRouter:
   external: true
services:
 web: 
   image: nginx:1.19.10
   container_name: nginx
   restart: always
   volumes: 
     - ./nginx.conf:/etc/nginx/nginx.conf
     - ./conf.d:/etc/nginx/conf.d
     - ./html/:/usr/share/nginx/html
     - ./log:/var/log/nginx
     - /opt/docker/acme.sh/out:/etc/nginx/conf.d/ssl
   ports: 
     - 80:80
     - 443:443
   networks:
     vRouter:
       aliases:
         - nginx.server
   deploy:
     resources:
       limits:
         memory: 256M

注意:

  • 网络为外部网络vRouter
  • 根据需要配置ssl部分挂载/opt/docker/acme.sh/out:/etc/nginx/conf.d/ssl

部署目录结构

tree -a ./
./
├── conf.d  						#nginx 自定义配置映射目录
│   ├── default.conf					#存放一些通用配置
│   ├── ssl								#存放ssl证书目录(可选)
│   └── xx.com.conf						#自定义配置
├── docker-compose.yml 				#docker-compose配置文件
├── html							#html部署目录(可选)
├── log								#nginx日志映射出来的目录	(启动容器后自动创建)
│   ├── access.log						#nginx 访问日志		(启动容器后自动创建)
│   └── error.log						#nginx 错误日志		(启动容器后自动创建)
├── nginx.conf						#nginx.conf配置,通过映射进去方便更改某些配置
└── nginx.conf.default				#nginx.conf.default 配置模板默认

注意:nginx.conf 不允许放在conf.d目录,否则启动报错

nginx.conf 默认模板

user  nginx;
worker_processes  1;
error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;

events {
   worker_connections  1024;
}

http {
   include       /etc/nginx/mime.types;
   default_type  application/octet-stream;
   log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                     '$status $body_bytes_sent "$http_referer" '
                     '"$http_user_agent" "$http_x_forwarded_for"';
   access_log  /var/log/nginx/access.log  main;
   sendfile        on;
   #tcp_nopush     on;
   keepalive_timeout  65;
   #gzip  on;
   include /etc/nginx/conf.d/*.conf;
}

 

默认配置default.conf

client_max_body_size     50m; #文件大小限制,默认1m
server {
   listen       80;
   server_name  localhost;
   return 403;
}
server {
   listen       443 ssl;
   server_name  localhost;
   ssl_certificate conf.d/ssl/*.xx.com_ecc/fullchain.cer;
   ssl_certificate_key conf.d/ssl/*.xx.com_ecc/*.xx.com.key;
   return 403;
}

说明:

  1. 配置全局最大上传大小50M(可根据情况修改)
  2. 配置在没有正确域名映射关系时候访问80/443端口返回403

 

项目配置xx.com.conf

参考代理后端项目配置

server {
   listen       443 ssl;
   server_name  www.xx.com;
   #ssl 
   ssl_certificate conf.d/ssl/*.xx.com_ecc/fullchain.cer;
   ssl_certificate_key conf.d/ssl/*.xx.com_ecc/*.xx.com.key;
   location / {
   	   # 真实IP转发 (非默认端口需要添加$server_port)
   	   proxy_set_header  X-Real-IP    $remote_addr;
   	   proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_pass  http://your-proxy-server:8080/;
   }
}

同一个vRouter网络的容器,可以通过容器名或容器定义的网络名进行内部访问。

参考代理前端项目配置

server {
   listen       443 ssl;
   server_name  vue-web.xx.com;
   #charset koi8-r;
   #access_log  /var/log/nginx/host.access.log  main;
   ssl_certificate conf.d/ssl/xx.com_bundle.crt;
   ssl_certificate_key conf.d/ssl/xx.com.key;
   gzip on;
   gzip_http_version 1.1;
   gzip_static on;
   gzip_min_length 1;
   gzip_comp_level 4;
   gzip_vary on;
   gzip_types text/plain application/javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png;
   location / {
       root   /usr/share/nginx/html/vue-web; 
       index  index.html index.htm;
       try_files $uri $uri/ /index.html;
   }
}

 

部署脚本参考deploy.sh

#!/bin/sh
work_path=$(dirname $0)
cd ${work_path}
work_path=$(pwd) 
echo $work_path
docker-compose --compatibility  build;docker-compose --compatibility down;docker-compose --compatibility up -d;docker image prune -f

 

 

https://www.leftso.com/article/2411211109465938.html

相关文章
部署目录结构tree -a ././├── conf.d #nginx 自定义配置映射目录│ ├── default.conf #存放一些通用配置(可选)│ ├