共计 1634 个字符,预计需要花费 5 分钟才能阅读完成。
首先是要将 Node Server 进行 Docker 化,间接在我的项目中退出 Dockerfile。
nginx 的配置文件如下
server {
listen 80;
server_name example.org;
server_tokens off;
location /.well-known/acme-challenge/ {root /var/www/certbot;}
location / {return 301}}
server {
listen 443 ssl;
server_name example.org;
server_tokens off;
ssl_certificate /etc/letsencrypt/live/example.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.org/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
location / {
proxy_pass
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}}
拼装 Node Server + Nginx
咱们当初曾经取得了一个有了非法证书的 Nginx 页游的服务器了,将 node server 接在 Nginx 的前面就功败垂成了。咱们间接在后面的 boilerplate 中提供的 docker-compose.yml 进行一些批改。
version: “3”
services:
nodeapp:
image: nodeserver:1.0.0
container_name: nodeapp
restart: unless-stopped
volumes:
- /data/usersFolder:/server/config
ports:
- "3000:3000"
networks:
- app-networknginx:
image: nginx:1.15-alpine
container_name: nginx_server
restart: unless-stopped
volumes:
- ./data/nginx:/etwww.pizei.comc/nginx/conf.d
- ./data/certbot/conf:/etc/letsencrypt
- ./data/certbot/www:/var/www/certbot
ports:
- "80:80"
- "443:443"
networks:
- app-network
command: '/bin/sh -c''while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g "daemon off;"'''certbot:
image: certbot/certbot
restart: unless-stopped
container_name: certbot_one
volumes:
- ./data/certbot/conf:/etc/letsencrypt
- ./data/certbot/www:/var/www/certbot
entrypoint: "/bin/sh -c'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"networks:
app-network:
driver: bridge通过创立一个 network 来让 nginx 间接和 node server 通信,nginx 的 conf 也能够写的比拟顺滑。以前我记得能够应用 —link 来进行容器间通信,但官网更举荐的做法还是创立一个 network
正文完