オレオレ証明書
|
1 |
openssl req -x509 -nodes -new -keyout server.key -out server.crt -days 365 |
nginx.conf
nginx.conf
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 |
<span class="k">user</span> <span class="s">nginx</span><span class="p">;</span> <span class="k">worker_processes</span> <span class="s">auto</span><span class="p">;</span> <span class="k">error_log</span> <span class="n">/var/log/nginx/error.log</span> <span class="s">warn</span><span class="p">;</span> <span class="k">pid</span> <span class="n">/var/run/nginx.pid</span><span class="p">;</span> <span class="k">events</span> <span class="p">{</span> <span class="kn">worker_connections</span> <span class="mi">1024</span><span class="p">;</span> <span class="p">}</span> <span class="k">http</span> <span class="p">{</span> <span class="kn">include</span> <span class="n">/etc/nginx/mime.types</span><span class="p">;</span> <span class="kn">default_type</span> <span class="nc">application/octet-stream</span><span class="p">;</span> <span class="kn">log_format</span> <span class="s">main</span> <span class="s">'</span><span class="nv">$remote_addr</span> <span class="s">-</span> <span class="nv">$remote_user</span> <span class="s">[</span><span class="nv">$time_local</span><span class="s">]</span> <span class="s">"</span><span class="nv">$request</span><span class="s">"</span> <span class="s">'</span> <span class="s">'</span><span class="nv">$status</span> <span class="nv">$body_bytes_sent</span> <span class="s">"</span><span class="nv">$http_referer</span><span class="s">"</span> <span class="s">'</span> <span class="s">'"</span><span class="nv">$http_user_agent</span><span class="s">"</span> <span class="s">"</span><span class="nv">$http_x_forwarded_for</span><span class="s">"'</span><span class="p">;</span> <span class="kn">access_log</span> <span class="n">/var/log/nginx/access.log</span> <span class="s">main</span><span class="p">;</span> <span class="kn">sendfile</span> <span class="no">on</span><span class="p">;</span> <span class="kn">keepalive_timeout</span> <span class="mi">65</span><span class="p">;</span> <span class="kn">server</span> <span class="p">{</span> <span class="kn">listen</span> <span class="mi">80</span> <span class="p">;</span> <span class="kn">listen</span> <span class="s">[::]:80</span><span class="p">;</span> <span class="kn">server_name</span> <span class="s">_</span> <span class="err">}</span> <span class="s">server</span> <span class="p">{</span> <span class="kn">listen</span> <span class="mi">443</span><span class="p">;</span> <span class="kn">listen</span> <span class="s">[::]:443</span><span class="p">;</span> <span class="kn">server_name</span> <span class="s">_</span><span class="p">;</span> <span class="kn">ssl</span> <span class="no">on</span><span class="p">;</span> <span class="kn">ssl_certificate</span> <span class="n">/etc/nginx/server.crt</span><span class="p">;</span> <span class="kn">ssl_certificate_key</span> <span class="n">/etc/nginx/server.key</span><span class="p">;</span> <span class="kn">location</span> <span class="n">/</span> <span class="p">{</span> <span class="kn">proxy_pass</span> <span class="s">https://vamdemicsystem.black/</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> |
Dockerfile
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 |
FROM nginx # RUN apk add --no-cache openssl # ドキュメントルート COPY nginx.conf /etc/nginx/nginx.conf # COPY default.conf /etc/nginx/conf.d/default.conf # SSL証明書 COPY server.crt /etc/nginx/server.crt COPY server.key /etc/nginx/server.key EXPOSE 80 443 |
起動
|
1 2 |
docker build -t nginx443 . docker run --name nginx -d -p 80:80 -p 443:443 nginx443:latest |