Pull the nginx image

nginx configuration

  • Create the mount directories

    mkdir -p /home/nginx /home/nginx/conf.d /home/nginx/cert
  • Configuration file: run the nginx container first, then copy out the default configuration file and modify it

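    docker pull nginx:1.24.0
    docker run --name nginx -d nginx:1.24.0

    # Set the restart policy
    docker update --restart=always nginx

    docker ps -a | grep nginx

    # Copy the default configuration out of the container so it can be edited,
    # and create the log file so the bind mounts below map files, not directories
    docker cp nginx:/etc/nginx/nginx.conf /home/nginx/nginx.conf
    touch /home/nginx/error.log

    docker stop nginx
    docker rm nginx

    docker run \
      -p 80:80 \
      -p 443:443 \
      --name nginx \
      --restart=always \
      -v /home/nginx/conf.d:/etc/nginx/conf.d \
      -v /home/nginx/cert:/etc/nginx/cert \
      -v /home/nginx/nginx.conf:/etc/nginx/nginx.conf \
      -v /home/nginx/error.log:/var/log/nginx/error.log \
      -d nginx:1.24.0

    # View the startup logs
    docker logs nginx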
  • The original nginx.conf copied out of the image

    user  nginx;
    worker_processes auto;

    error_log /var/log/nginx/error.log notice;
    pid /var/run/nginx.pid;

    events {
        worker_connections 1024;
    }

    http {
        include /etc/nginx/mime.types;
        default_type application/octet-stream;

        log_format main '$remote_addr - $remote_user [$time_local] "$request" '
                        '$status $body_bytes_sent "$http_referer" '
                        '"$http_user_agent" "$http_x_forwarded_for"';

        access_log /var/log/nginx/access.log main;

        sendfile on;
        #tcp_nopush on;

        keepalive_timeout 65;

        #gzip on;

        include /etc/nginx/conf.d/*.conf;
    }
  • The modified nginx.conf:

    user  nginx;
    worker_processes auto;

    error_log /var/log/nginx/error.log notice;
    pid /var/run/nginx.pid;

    events {
        worker_connections 1024;
    }

    http {
        include /etc/nginx/mime.types;
        default_type application/octet-stream;

        log_format main '$remote_addr - $remote_user [$time_local] "$request" '
                        '$status $body_bytes_sent "$http_referer" '
                        '"$http_user_agent" "$http_x_forwarded_for"';

        access_log /var/log/nginx/access.log main;

        sendfile on;
        tcp_nopush on;

        # buffers
        client_body_buffer_size 128K;
        client_header_buffer_size 16k;
        client_max_body_size 16m;
        large_client_header_buffers 8 24k;

        # timeouts
        keepalive_timeout 65;
        client_body_timeout 90;
        client_header_timeout 60;
        send_timeout 90;

        # proxy settings
        proxy_redirect off;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_connect_timeout 90;
        proxy_send_timeout 90;
        proxy_read_timeout 90;
        proxy_buffers 32 4k;

        #gzip on;

        include /etc/nginx/conf.d/*.conf;
    }
  • After adding the site configuration files to the mounted directory /home/nginx/conf.d, just re-run the Docker container

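Reloading the latest configuration

The latest nginx configuration can be reloaded without restarting the Docker container: nginx can hot-reload its configuration without a restart.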

# To test the configuration, run:
docker exec <nginx-container-name> nginx -t

# To reload the new configuration:
docker exec <nginx-container-name> nginx -s reload

# For example, if the container is named nginx, run:
docker exec nginx nginx -t
docker exec nginx nginx -s reload

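Reverse proxy configuration: the IP address problem

  • In the configuration file, 127.0.0.1 or localhost refers to the container's own IP address, not the host's, so proxied requests fail and the error log keeps reporting: [error] 20#20: *1 connect() failed (111: Connection refused) while connecting to upstream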

    2023/09/25 08:23:37 [error] 20#20: *1 connect() failed (111: Connection refused) while connecting to upstream, client: 192.168.31.188, server: wxjxadmin.tbwxjx.com, request: "GET / HTTP/1.1", upstream: "http://127.0.0.1:81/", host: "192.168.31.88"
    2023/09/25 08:23:37 [error] 20#20: *1 connect() failed (111: Connection refused) while connecting to upstream, client: 192.168.31.188, server: wxjxadmin.tbwxjx.com, request: "GET /favicon.ico HTTP/1.1", upstream: "http://127.0.0.1:81/favicon.ico", host: "192.168.31.88", referrer: "http://192.168.31.88/"
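  • Fix: point the IP address in the configuration file at the IP of the host being proxied. If that host is the Docker host itself, use its actual IP address, not 127.0.0.1 or localhost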
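
The loopback problem above can be caught before a reload by scanning the mounted conf.d directory for backends that point at 127.0.0.1 or localhost. The script below is an added example, not part of the original post; the function name find_loopback_upstreams and the sample site.conf are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. The function name and the sample
# file are assumptions; the default directory is the post's host-side mount.
# Lists backend directives that target loopback, which inside the container
# is the container itself. Returns 1 when any are found, 0 otherwise.
find_loopback_upstreams() {
    conf_dir="${1:-/home/nginx/conf.d}"
    found=0
    for f in "$conf_dir"/*.conf; do
        [ -f "$f" ] || continue
        hits=$(awk '
            { line = $0; sub(/#.*/, "", line) }            # drop comments
            line ~ /(proxy_pass|fastcgi_pass|uwsgi_pass|grpc_pass)[ \t]/ ||
            line ~ /^[ \t]*server[ \t]+[^{;]*;/ {          # upstream member
                if (line ~ /(127\.0\.0\.1|localhost|\[::1\])/) {
                    gsub(/^[ \t]+|[ \t]+$/, "", line)
                    printf "%s:%d: %s\n", FILENAME, NR, line
                }
            }' "$f")
        if [ -n "$hits" ]; then
            printf '%s\n' "$hits"
            found=1
        fi
    done
    return "$found"
}

# Constructed sample: the proxy_pass from the error log above, plus lines
# that must not be flagged (server_name, a commented-out directive).
demo_dir=$(mktemp -d)
cat > "$demo_dir/site.conf" <<'EOF'
server {
    listen 80;
    server_name localhost;
    location / {
        proxy_pass http://127.0.0.1:81/;
        # proxy_pass http://localhost:82/;
    }
}
EOF
find_loopback_upstreams "$demo_dir" ||
    echo "loopback backends found: fix before 'docker exec nginx nginx -s reload'"
rm -rf "$demo_dir"
```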

No route to host

telnet: connect to address 116.196.67.28: No route to host

Fix:
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --reload

# Active: inactive (dead) means the service is stopped
# Active: active (exited) means the service has started
Active: active (exited) since Sun 2023-09-10 11:54:20 CST; 7h ago

systemctl restart iptables

Check the firewall status

firewall-cmd --state
