目的
在Docker运行Nginx,反代其他Docker container,例如本博客,Ghost
本章实现功能
自动创建的Ghost博客的Nginx配置
自动创建的Ghost博客的Let's encrypt的SSL证书
并运行
实例
mkdir nginx/volumes/templates -p
git clone https://github.com/jwilder/nginx-proxy.git
cp nginx-proxy/nginx.tmpl nginx/volumes/templates
rm -rf nginx-proxy
cd nginx
创建个docker-compose文件
vim docker-compose.yml
内容
version: "2"
services:
nginx:
restart: unless-stopped
image: nginx:alpine
container_name: nginx
ports:
- "80:80"
- "443:443"
volumes:
- "./volumes/conf.d:/etc/nginx/conf.d:ro"
- "./volumes/vhost.d:/etc/nginx/vhost.d:ro"
- "./volumes/certs:/etc/nginx/certs:ro"
- "/usr/share/nginx/html"
networks:
- nginx-proxy
docker-gen:
restart: unless-stopped
image: jwilder/docker-gen:0.7.3
container_name: docker-gen
depends_on:
- nginx
volumes_from:
- nginx
volumes:
- "/var/run/docker.sock:/tmp/docker.sock:ro"
- "./volumes/templates:/etc/docker-gen/templates:ro"
- "./volumes/conf.d:/etc/nginx/conf.d:rw"
networks:
- nginx-proxy
entrypoint: /usr/local/bin/docker-gen -notify-sighup nginx -watch -wait 5s:30s /etc/docker-gen/templates/nginx.tmpl /etc/nginx/conf.d/default.conf
letsencrypt:
restart: unless-stopped
image: jrcs/letsencrypt-nginx-proxy-companion
container_name: letsencrypt
depends_on:
- nginx
- docker-gen
volumes_from:
- nginx
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
- "./volumes/vhost.d:/etc/nginx/vhost.d:rw"
- "./volumes/certs:/etc/nginx/certs:rw"
environment:
- "NGINX_DOCKER_GEN_CONTAINER=docker-gen"
networks:
nginx-proxy:
external:
name: "nginx-proxy"
docker network create nginx-proxy
运行
docker-compose up -d
在其他container里连接Nginx实现反代
添加在其他container的docker-compose.yml
environment:
- VIRTUAL_HOST=kdaye.com,www.kdaye.com
- LETSENCRYPT_HOST=kdaye.com,www.kdaye.com
- LETSENCRYPT_EMAIL=k@kdaye.com
networks:
- nginx-proxy
networks:
nginx-proxy:
external:
name: "nginx-proxy"
即可,我将会在下章安装Ghost里用到。
参考:
https://hub.docker.com/r/jwilder/nginx-proxy/