docker - nginx 实用脚本和配置

发表评论
2079 次查看

 ›
 ›
docker - nginx 实用脚本和配置 
#!/bin/bash

while  getopts  :abcde:f:h  opt
    do
        case  "$opt" in 
            a)
                docker restart nginx;
                echo  "nginx is restart";;
            b)
                docker stop nginx;
                docker rm nginx;
                docker run -p 80:80 -p 443:443 --name nginx --restart=always \
                    -v /opt/nginx/log:/var/log/nginx  \
                    -v /opt/nginx/html:/usr/share/nginx/html \
                    -v /opt/nginx/conf.d:/etc/nginx/conf.d  \
                    -d nginx;
                echo  "nginx is reload successfully";;
            c)
                docker stop nginx;    
                echo  "nginx is stop";;
            d)
                docker start nginx;
                echo  "nginx is start";;
            e)
                sed -i "0,/:443 /{s/:443 /:443 -p $OPTARG:$OPTARG /}" reload.sh; chmod +x reload.sh;
                echo "add new port successfully and add value  $OPTARG";;
            f)
                sed -i "s/-p $OPTARG:$OPTARG //" reload.sh; chmod +x reload.sh;
                echo "delete port successfully and delete value  $OPTARG";;
            h)
                echo "-a nginx restart"
                echo "-b nginx reload"
                echo "-c nginx stop"
                echo "-d nginx start"
                echo "-e nginx add port"
                echo "-f nginx delete port"
                echo "-h nginx show help";;
            *) 
                echo  "Unknown option :$opt";;
    esac
done

server {   
    listen 80;  
    server_name home.xiaochun.cloud;   
    rewrite ^(.*)$ https://$host$1 permanent; 
}
server {
        listen       443 ssl;
        server_name  home.xiaochun.cloud;

        # ssl证书地址
        ssl_certificate     /etc/nginx/conf.d/home.xiaochun.cloud/home.xiaochun.cloud.pem;  
        ssl_certificate_key  /etc/nginx/conf.d/home.xiaochun.cloud/home.xiaochun.cloud.key; 

        # ssl验证相关配置
        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;    
        ssl_ciphers HIGH:!aNULL:!MD5;    
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;    
        ssl_prefer_server_ciphers on;  

        location / {
            # root   /usr/share/nginx/html;
            # index  index.html index.htm;
            # try_files $uri $uri/ /index.html; 
            # gzip_static on;
            proxy_pass http://192.168.1.7:8008;
        }

        # location /api { 
        #     proxy_pass http://192.168.1.7:8008;
        #     proxy_read_timeout 90;
        #     proxy_http_version 1.1;
        #     proxy_set_header Upgrade $http_upgrade;
        #     proxy_set_header Connection $http_connection;
        #     proxy_set_header Host $host;
        #     proxy_set_header X-Real-IP $remote_addr;
        #     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        #     proxy_set_header X-Forwarded-Proto $scheme;
        #     proxy_cache_bypass $http_upgrade; 
        # }

        error_page   500 502 503 504  /50x.html;
        # location = /50x.html {
        #    root   /usr/share/nginx/html; 
        # }

    }