启动容器
#!/bin/bash
docker rm -f nginx
docker run -d \
--name nginx \
--network host \
--restart=always \
-e TZ=Asia/Shanghai \
-v ${PWD}/nginx.conf:/etc/nginx/nginx.conf:ro \
-v ${PWD}/nginx_logs:/var/log/nginx \
-v ${PWD}/ssl:/etc/nginx/ssl \
nginx:alpine
参数说明
--network
设置为host模式,方便nginx做端口转发${PWD}/nginx.conf
nginx配置文件,内容如下${PWD}/nginx_logs
nginx日志,最好定期清理,否则文件会越来越大${PWD}/ssl
https证书,里面应该包含fullchain.pem和privatekey.pem
nginx.conf
user nginx;
pid /var/run/nginx.pid;
error_log /var/log/nginx/error.log notice;
worker_processes auto;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$http_x_forwarded_for - [$time_local] $status "$request" "$http_user_agent"';
access_log /var/log/nginx/access.log main;
server {
listen 80;
listen 443 ssl http2;
server_name [域名或IP];
# https证书
ssl_certificate /etc/nginx/ssl/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/privatekey.pem;
location / {
proxy_pass http://localhost:4567; # 转发到本机4567端口
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
(......其他域名的配置,格式跟上面一样,用server包裹)
# 最后,为没有匹配到域名设置默认规则
server {
listen 80 default_server;
listen 443 ssl http2 default_server;
server_name _; # 下划线表示没有匹配到规则的域名
ssl_certificate /etc/nginx/ssl/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/privatekey.pem;
return 404;
}
}
如何自定义502页面
首先把自定义的502.html挂载到容器中
-v ${PWD}/502.html:/502.html
然后修改nginx的server块
server {
listen 80;
listen 443 ssl http2;
server_name [域名];
ssl_certificate /etc/nginx/ssl/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/privatekey.pem;
location / {
proxy_pass http://127.0.0.1:9000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
# 这里的响应码必须设置成200,否则会显示成cloudflare默认的502页面
error_page 502 =200 /502.html;
location = /502.html {
root /;
# 不可以让浏览器缓存这个页面,否则等服务器恢复正常后,相应的api接口就请求不成功了,会直接返回缓存的502页面
add_header Cache-Control "no-store, no-cache, must-revalidate, max-age=0";
}
}
添加两个指令:
- error_page指令:把错误页面502的返回值修改为200,返回内容为/502.html
- root指令:可以理解为,要使用哪个目录下的502.html文件。因为上面已经把502.html挂载到容器内的根目录,所以这里就设置为容器内的
/
根目录
比如我的网站在升级的时候,会显示自定义的502页面,提升用户体验
补充
-
Nginx的指令(directive)不能连着写,中间要加空格,否则nginx无法解析指令,会报错,比如:
# 错误的写法 if($uri="api/test"){ ...... } # 正确的写法 if ( $uri = "api/test" ) { ...... } `
-
POST请求经过301重定向后会变成GET请求,并且会丢失请求参数,建议以后Nginx做Http重定向的时候,使用307代替301重定向