How to install nginx in docker and configure access via https

1. Download the latest nginx docker image

$ docker pull nginx:latest

2. Start the nginx container

Run the following command to start the nginx container

docker run --detach \
    --name wx-nginx \
    -p 443:443\
    -p 80:80 \
    -v /home/evan/workspace/wxserver/nginx/data:/usr/share/nginx/html:rw\
    -v /home/evan/workspace/wxserver/nginx/config/nginx.conf:/etc/nginx/nginx.conf/:rw\
    -v /home/evan/workspace/wxserver/nginx/config/conf.d/default.conf:/etc/nginx/conf.d/default.conf:rw\
    -v /home/evan/workspace/wxserver/nginx/logs:/var/log/nginx/:rw\
    -v /home/evan/workspace/wxserver/nginx/ssl:/ssl/:rw\
    -d nginx

Map port 443 for https requests
Map port 80 for http requests;
The default homepage html storage directory of nginx is mapped to the host disk directory, /home/evan/workspace/wxserver/nginx/data
The nginx configuration file is mapped to the host disk file, /home/evan/workspace/wxserver/nginx/config/nginx.conf

Here you need to prepare the following files:

1. nginx configuration file

First is the nginx.conf file. The default configuration file is as follows

#User running nginx user nginx;
#Start the process and set it to be equal to the number of CPUs worker_processes 1;

#The location of the global error log and PID file error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;

#Working mode and connection limit events {
    #The maximum number of concurrent processes for a single background worker is set to 1024
  worker_connections 1024;
}


http {
    #Set mime type include /etc/nginx/mime.types;
  default_type application/octet-stream;

    #Set the log format log_format main '$remote_addr - $remote_user [$time_local] "$request" '
           '$status $body_bytes_sent "$http_referer" '
           '"$http_user_agent" "$http_x_forwarded_for"';

  access_log /var/log/nginx/access.log main;

  sendfile on;
  #tcp_nopush on;

    #Set the connection timeout event keepalive_timeout 65;

    #Turn on GZIP compression #gzip on;

  include /etc/nginx/conf.d/*.conf;
}

You can see that the last line also contains another configuration file conf.d/default.conf, which is used to configure the server field

server {
  listen 80; #Listen to port 80. If you force all access to be HTTPs, this line needs to be cancelled server_name www.buagengen.com; #Domain name#charset koi8-r;
  #access_log /var/log/nginx/host.access.log main;

    # Define the homepage index directory and name location / {
    root /usr/share/nginx/html;
    index index.html index.htm;
  }

  #Define the error prompt page #error_page 404 /404.html;

  #Redirect error page to /50x.html
  error_page 500 502 503 504 /50x.html;
  location = /50x.html {
    root /usr/share/nginx/html;
  }
}

2. The HTML file of the default homepage of nginx

You can define this html yourself, any one is fine.

At this time, you can access the HTML file defined by nginx directly through the IP address. However, access at this time is only via http, and access via https is still not possible. You need to add a certificate to the nginx server.

3. Generate a certificate through openssl

Set server.key. You need to set the password twice:

openssl genrsa -des3 -out server.key 1024

Parameter setting, first you need to enter the password you set previously:

openssl req -new -key server.key -out server.csr

Then you need to enter the following information, just fill it out roughly, anyway, it is for testing

Country Name (2 letter code) [AU]: State or Province Name (full name) [Some-State]: Locality Name (eg, city) []: Organization Name (eg, company) [Internet Widgits Pty Ltd]: Organizational Unit Name (eg, section) []: 
Common Name (eg server FQDN or YOUR name) []: Website domain Email Address []: Email address Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []: Enter a password here An optional company name []:

Write the RSA key (you are also required to enter the password you set previously):

openssl rsa -in server.key -out server_nopwd.key

Get the private key:

openssl x509 -req -days 365 -in server.csr -signkey server_nopwd.key -out server.crt

After completing this step, we get the certificate file and private key we need.

server.crt
server.key

4. Configure nginx server to support https access

Copy the file generated in the previous step to the ssl directory on the host, /home/evan/workspace/wxserver/nginx/ssl.

Then modify the configuration file default.conf and add ssl support.

server {
  listen 80; #Listen to port 80. If you force all access to be HTTPs, this line needs to be unregistered. listen 443 ssl;
  server_name www.buagengen.com; #Domain name# Add SSL
  #ssl on; #If you force HTTPs access, this line should open ssl_certificate /ssl/server.crt;
  ssl_certificate_key /ssl/server.key;

  ssl_session_cache shared:SSL:1m;
  ssl_session_timeout 5m;

   # Specify the cipher in the format supported by openssl ssl_protocols SSLv2 SSLv3 TLSv1.2;

   ssl_ciphers HIGH:!aNULL:!MD5; # Password encryption method ssl_prefer_server_ciphers on; # Server ciphers that rely on SSLv3 and TLSv1 protocols will take precedence over client ciphers # Define the homepage index directory and name location / {
    root /usr/share/nginx/html;
    index index.html index.htm;
   }

  #Redirect error page to /50x.html
  error_page 500 502 503 504 /50x.html;
  location = /50x.html {
    root /usr/share/nginx/html;
  }
}

Restart the nginx container. Now you can access the nginx server through https.

The above is the full content of this article. I hope it will be helpful for everyone’s study. I also hope that everyone will support 123WORDPRESS.COM.

You may also be interested in:

How to install and configure Docker nginx
Docker installation Nginx tutorial implementation illustration
How to install Nginx in Docker
Install Nginx and configure port forwarding using Docker

<<: MySQL 5.5.56 version (binary package installation) custom installation path step record

>>: Detailed explanation of the use of React.cloneElement

TypeScript uses vscode to monitor the code compilation process

How to install nginx in docker and configure access via https

TypeScript uses vscode to monitor the code compilation process

Detailed explanation of the problem when combining CSS ellipsis and padding

Thoughts on truncation of multi-line text with a "show more" button

How to pull the docker image to view the version

How to solve the problem of not finding the password after decompressing the MySQL free installation version

How to install mysql8.0.23 under win10 and solve the problem of "the service does not respond to the control function"

HTML5 and jQuery to implement preview code examples before uploading local pictures

Detailed explanation of JavaScript private class fields and TypeScript private modifiers

How to modify port 3389 of Windows server 2008 R2 remote desktop

Steps to package and release the Vue project

Recommend

mysql splits a row of data into multiple rows based on commas

Tutorial on using portainer to connect to remote docker

Three ways to delete a table in MySQL (summary)

Detailed explanation of the usage of DECIMAL in MySQL data type

MySQL tutorial on how to deploy multiple instances on a single machine using mysqld_multi

Differences between FLOW CHART and UI FLOW

CSS clicks on the radio to switch between two image styles and only one of the multiple radios can be checked

How to install redis in Docke

HTML page jump code

Vue implements pull-down to load more

MySQL uses the truncate command to quickly clear all tables in a database

How to query the minimum available id value in the Mysql table

Vue implements time countdown function

WeChat applet implements video player sending bullet screen

How to start multiple MySQL databases on a Linux host