使用 Nginx 訪問容器

我有一個 Centos 7 伺服器。在這台伺服器上，我有 Nginx。

在這個伺服器中，我有一個包含我的應用程序的 Docker。

應用程序.yml：

version: '2'
services:
   myBrand-app:
       image: myBrand
       environment:
           - _JAVA_OPTIONS=-Xmx512m -Xms256m
           - SPRING_PROFILES_ACTIVE=prod,swagger
           - SPRING_DATASOURCE_URL=jdbc:postgresql://myBrand-postgresql:5432/myBrand
           - SLEEP=10 # gives time for the database to boot before the application
       ports:
           - 8080:8080
   myBrand-postgresql:
       extends:
           file: postgresql.yml
           service: myBrand-postgresql

是否可以通過我的伺服器的 ip 通過 Nginx 代理訪問 Docker？

我想使用 Nginx 作為容器的反向代理。

以下是如何配置 nginx 以將來自 Internet 的流量直接路由到您自己的伺服器執行的本地主機埠。

當您安裝 nginx 時，它通常會在位置安裝其預設配置文件

cat /etc/nginx/nginx.conf

在上述文件的底部附近，您應該會看到類似於

   include /etc/nginx/sites-enabled/default;
}

如果不只是創建上面的預設文件，它可以如下所示

cat /etc/nginx/sites-enabled/default; 

其中可以包含

server { 

   listen  80 ;

   server_name   example.com, www.example.com;

   rewrite ^/(.*) https://example.com/$1 permanent; # mysettings
}

# ..................  enduser .................. #

server {  #  redirect www to normal domain

   listen       443  ssl ;

   server_name www.example.com;

   include /etc/nginx/mysettings/include/ssl;

   return 301 https://example.com$request_uri;
}

server {

   listen  443 ssl ;

   include /etc/nginx/mysettings/include/ssl;

   server_name  example.com;

   include /etc/nginx/snippets/nginx_common_location_443;

   location / {

       # route to enduser 

       proxy_pass http://127.0.0.1:3000/;
   }


   include /etc/nginx/mysettings/include/custom_server_include;

}

在上面你看到這部分：

   location / {

       # route to enduser 

       proxy_pass http://127.0.0.1:3000/;
   }

它定義了一條路由，將來自外部網際網路的流量引導到我的伺服器的指定主機和埠，在上面的範例中，它位於 127.0.0.1:3000 …在您的情況下，將我的 3000 替換為您的埠 8080 …所以現在當瀏覽器轉到

https://example.com

該流量被路由到我執行的主機埠

http://127.0.0.1:3000/

為了完整起見，我現在向您展示上面配置文件中提到的一些幫助設置文件

cat /etc/nginx/myconfig/include/ssl;

看起來像

#
# Based on https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=nginx-1.4.6&openssl=1.0.1f&hsts=yes&profile=modern
ssl_certificate     /mydir/nginx/sslcerts/example.com/fullchain.pem;
ssl_certificate_key /mydir/nginx/sslcerts/example.com/privkey.pem;
ssl_session_timeout 5m;
ssl_session_cache shared:SSL:5m;

# Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits
ssl_dhparam /etc/ssl/certs/dhparam.pem;

ssl_prefer_server_ciphers on;
ssl_protocols TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';

和另一個配置文件在這裡

cat /etc/nginx/snippets/nginx_common_location_443;

其中包含

# the following is required for WebSockets
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';

proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;

如果您有多個要定義的路線，您可以將它們放入一個文件中

cat /etc/nginx/myconfig/include/custom_server_include; 

看起來類似於

if ( $request_method !~ ^(GET|POST|PUT|PATCH|DELETE|OPTIONS)$ ) {
   # now send to error
   return 404;
}

location ~* \.(php)$ {
   # matches any request ending in php
   return 403;
}

location /apataki {
   proxy_pass http://localhost:28778/;
}

location /hooks/ {

   # this is my webhook server
   proxy_pass http://localhost:9000/hooks/;
}

# .......

error_page 404 /error_404.html;
location = /error_404.html {
 root  /cryptdata/var/deploy;
}

error_page 502 /error_502.html;
location = /error_502.html {
 root  /cryptdata/var/deploy;
}

引用自：https://unix.stackexchange.com/questions/505157