首先是要将 Node Server 进行Docker 化,间接在我的项目中退出 Dockerfile。
nginx 的配置文件如下
server {
listen 80;server_name example.org;server_tokens off;location /.well-known/acme-challenge/ { root /var/www/certbot;}location / { return 301 }}
server {
listen 443 ssl;server_name example.org;server_tokens off;ssl_certificate /etc/letsencrypt/live/example.org/fullchain.pem;ssl_certificate_key /etc/letsencrypt/live/example.org/privkey.pem;include /etc/letsencrypt/options-ssl-nginx.conf;ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;location / { proxy_pass proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;}}
拼装 Node Server + Nginx
咱们当初曾经取得了一个有了非法证书的 Nginx 页游的服务器了,将 node server 接在 Nginx 的前面就功败垂成了。 咱们间接在后面的boilerplate中提供的 docker-compose.yml 进行一些批改。
version: "3"
services:
nodeapp:
image: nodeserver:1.0.0container_name: nodeapprestart: unless-stoppedvolumes: - /data/usersFolder:/server/configports: - "3000:3000"networks: - app-networknginx:
image: nginx:1.15-alpinecontainer_name: nginx_serverrestart: unless-stoppedvolumes: - ./data/nginx:/etwww.pizei.comc/nginx/conf.d - ./data/certbot/conf:/etc/letsencrypt - ./data/certbot/www:/var/www/certbotports: - "80:80" - "443:443"networks: - app-networkcommand: '/bin/sh -c ''while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g "daemon off;"'''certbot:
image: certbot/certbotrestart: unless-stoppedcontainer_name: certbot_onevolumes: - ./data/certbot/conf:/etc/letsencrypt - ./data/certbot/www:/var/www/certbotentrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"networks:
app-network:
driver: bridge通过创立一个 network 来让 nginx 间接和 node server 通信,nginx 的conf 也能够写的比拟顺滑。以前我记得能够应用 —link 来进行容器间通信,但官网更举荐的做法还是创立一个 network