Docker部署 Nginx -本地or离线

docker部署Nginx

docker部署nginx

拉取nginx镜像
docker pull nginx:1.19.2
运行nginx
docker run --name nginx -p 80:80 -v /data/nginx/html:/usr/share/nginx/html -v /data/nginx/conf:/etc/nginx/conf.d -d nginx:1.19.2

• docker-compose启动

version: "3.2"
services:
  nginx:
   image: nginx:1.19.2
   container_name: nginx
   restart: always
   ports:
     - 80:80
   volumes:
     - /data/nginx/html:/usr/share/nginx/html
     - /data/nginx/conf:/etc/nginx/conf.d

本地部署nginx

离线部署

官方下载安装包
http://nginx.org/en/download.html
wget 或scp传入/data/nginx目录
解压
tar -zxvf nginx-xxxx.tar.gz
进入解压目录。进行编译安装
安装依赖
下载rpm包安装即可
pcre，zlib，gcc，openssl
pcre-devel zlib-devel

• 编译

 ./configure 
 --prefix=/etc/nginx 
 --sbin-path=/usr/sbin/nginx 
 --conf-path=/etc/nginx/nginx.conf 
 --error-log-path=/var/log/nginx/error.log 
 --http-log-path=/var/log/nginx/access.log 
 --pid-path=/var/run/nginx.pid 
 --lock-path=/var/run/nginx.lock 
 --with-http_ssl_module 
 --with-http_realip_module 
 --with-http_addition_module 
 --with-http_sub_module 
 --with-http_gunzip_module 
 --with-http_gzip_static_module 
 --with-http_stub_status_module 
 --with-stream

• 安装

make && make install

Nginx升级

【备份配置文件】
cp -R /etc/nginx /tmp/nginx_old_config

【卸载原nginx】
service nginx stop
chkconfig nginx off
ps -ef | grep nginx
kill -9 {pid}
rm -rf /usr/sbin/nginx
rm -rf /etc/nginx
rm -rf /etc/init.d/nginx
yum remove nginx

【解压nginx】
cd /tmp
tar -zxvf nginx-1.15.12.tar.gz
cd nginx-1.15.12

【隐藏NGINX banner 和版本号】
修改源代码/src/core/nginx.h

#define nginx_version      33333005010
#define NGINX_VERSION      "888888888"
#define NGINX_VER          "haha/" NGINX_VERSION
#define NGINX_VAR          "AHAH"

--force --nodeps
【编译】
./configure 
--prefix=/etc/nginx 
--sbin-path=/usr/sbin/nginx 
--conf-path=/etc/nginx/nginx.conf 
--error-log-path=/var/log/nginx/error.log 
--http-log-path=/var/log/nginx/access.log 
--pid-path=/var/run/nginx.pid 
--lock-path=/var/run/nginx.lock 
--with-http_ssl_module 
--with-http_realip_module 
--with-http_addition_module 
--with-http_sub_module 
--with-http_gunzip_module 
--with-http_gzip_static_module 
--with-http_stub_status_module 
--with-stream

make && make install


【命令】
测试
nginx -t

启动
nginx

停止
nginx -s stop



源码安装需要需要安装：pcre，zlib，gcc，openssl
 pcre-devel 的zlib-devel
 
 
 
 openssl req -x509 -nodes -days 730 -newkey rsa:2048 -keyout cert.pem -out cert.pem -config req.conf -extensions 'v3_req'
 
 
 
 生成ssl证书
 openssl  req -nodes -newkey rsa:1024 -out myreq.pem -keyout privatekey.pem
 openssl req -in myreq.pem -x509 -key privatekey.pem -out mycert.pem -days 365
 http://www.linuxe.cn/post-425.html
 
 server {
        listen       443 ssl;
        server_name  test.com;
        keepalive_timeout  100;  #开启keepalive
        ssl on;
        ssl_certificate      /usr/local/nginx/ssl/cert.pem;  #指定数字证书文件
        ssl_certificate_key  /usr/local/nginx/ssl/cert.key;  #指定数字证书私钥文件
        ssl_session_cache    shared:SSL:10m;  #缓存session会话
        ssl_session_timeout  10m;  #session 10分钟过期
        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;
        location / {
            root   html;
            index  index.html index.htm;
        }