安装Nginx+nginx-proxy+letsencrypt in Docker

目的

在Docker运行Nginx,反代其他Docker container,例如本博客,Ghost

本章实现功能

自动创建的Ghost博客的Nginx配置
自动创建的Ghost博客的Let's encrypt的SSL证书
并运行

实例

mkdir nginx/volumes/templates -p
git clone https://github.com/jwilder/nginx-proxy.git
cp nginx-proxy/nginx.tmpl nginx/volumes/templates
rm -rf nginx-proxy
cd nginx

创建个docker-compose文件
vim docker-compose.yml
内容

version: "2"

services:
   nginx:
     restart: unless-stopped
     image: nginx:alpine
     container_name: nginx
     ports:
      - "80:80"
      - "443:443"
     volumes:
      - "./volumes/conf.d:/etc/nginx/conf.d:ro"
      - "./volumes/vhost.d:/etc/nginx/vhost.d:ro"
      - "./volumes/certs:/etc/nginx/certs:ro"
      - "/usr/share/nginx/html"
     networks:
      - nginx-proxy

   docker-gen:
     restart: unless-stopped
     image: jwilder/docker-gen:0.7.3
     container_name: docker-gen
     depends_on:
      - nginx
     volumes_from:
      - nginx
     volumes:
      - "/var/run/docker.sock:/tmp/docker.sock:ro"
      - "./volumes/templates:/etc/docker-gen/templates:ro"
      - "./volumes/conf.d:/etc/nginx/conf.d:rw"
     networks:
      - nginx-proxy
     entrypoint: /usr/local/bin/docker-gen -notify-sighup nginx -watch -wait 5s:30s /etc/docker-gen/templates/nginx.tmpl /etc/nginx/conf.d/default.conf

   letsencrypt:
     restart: unless-stopped
     image: jrcs/letsencrypt-nginx-proxy-companion
     container_name: letsencrypt
     depends_on:
      - nginx
      - docker-gen
     volumes_from:
      - nginx
     volumes:
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
      - "./volumes/vhost.d:/etc/nginx/vhost.d:rw"
      - "./volumes/certs:/etc/nginx/certs:rw"
     environment:
      - "NGINX_DOCKER_GEN_CONTAINER=docker-gen"

networks:
  nginx-proxy:
    external:
      name: "nginx-proxy"

docker network create nginx-proxy
运行
docker-compose up -d

在其他container里连接Nginx实现反代

添加在其他container的docker-compose.yml

  environment:  
      - VIRTUAL_HOST=kdaye.com,www.kdaye.com
      - LETSENCRYPT_HOST=kdaye.com,www.kdaye.com
      - LETSENCRYPT_EMAIL=k@kdaye.com
  networks:
      - nginx-proxy

networks:
  nginx-proxy:
    external:
      name: "nginx-proxy"

即可,我将会在下章安装Ghost里用到。
参考:
https://hub.docker.com/r/jwilder/nginx-proxy/

Show Comments