From e7f172583088a38024beae06e6589b119bfd206a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=B0=8F=E5=82=85=E5=93=A5?= <184172133@qq.com> Date: Sat, 17 Aug 2024 18:30:18 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20ssl=20nginx=20=E9=83=A8=E7=BD=B2?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- docs/{ => freessl}/dev-ops/docker-compose.yml | 0 .../dev-ops/nginx/conf/conf.d/default.conf | 0 .../conf/conf.d/ssl01.xiaofuge.tech.conf | 0 .../conf/conf.d/ssl02.xiaofuge.tech.conf | 0 .../dev-ops/nginx/conf/nginx.conf | 0 .../dev-ops/nginx/html/index.html | 0 .../dev-ops/nginx/logs/access.log | 0 .../dev-ops/nginx/logs/error.log | 0 docs/httpsok/docker-compose.yml | 17 ++++ docs/httpsok/nginx/conf/conf.d/default.conf | 20 ++++ .../conf/conf.d/ssl01.xiaofuge.tech.conf | 35 +++++++ .../conf/conf.d/ssl02.xiaofuge.tech.conf | 35 +++++++ docs/httpsok/nginx/conf/nginx.conf | 32 +++++++ docs/httpsok/nginx/html/index.html | 10 ++ docs/httpsok/nginx/logs/access.log | 0 docs/httpsok/nginx/logs/error.log | 0 docs/httpsok/nginx/ssl/_.xiaofuge.tech.key | 27 ++++++ docs/httpsok/nginx/ssl/_.xiaofuge.tech.pem | 91 +++++++++++++++++++ 18 files changed, 267 insertions(+) rename docs/{ => freessl}/dev-ops/docker-compose.yml (100%) rename docs/{ => freessl}/dev-ops/nginx/conf/conf.d/default.conf (100%) rename docs/{ => freessl}/dev-ops/nginx/conf/conf.d/ssl01.xiaofuge.tech.conf (100%) rename docs/{ => freessl}/dev-ops/nginx/conf/conf.d/ssl02.xiaofuge.tech.conf (100%) rename docs/{ => freessl}/dev-ops/nginx/conf/nginx.conf (100%) rename docs/{ => freessl}/dev-ops/nginx/html/index.html (100%) rename docs/{ => freessl}/dev-ops/nginx/logs/access.log (100%) rename docs/{ => freessl}/dev-ops/nginx/logs/error.log (100%) create mode 100644 docs/httpsok/docker-compose.yml create mode 100644 docs/httpsok/nginx/conf/conf.d/default.conf create mode 100644 docs/httpsok/nginx/conf/conf.d/ssl01.xiaofuge.tech.conf create mode 100644 docs/httpsok/nginx/conf/conf.d/ssl02.xiaofuge.tech.conf create mode 100644 docs/httpsok/nginx/conf/nginx.conf create mode 100644 docs/httpsok/nginx/html/index.html create mode 100644 docs/httpsok/nginx/logs/access.log create mode 100644 docs/httpsok/nginx/logs/error.log create mode 100644 docs/httpsok/nginx/ssl/_.xiaofuge.tech.key create mode 100644 docs/httpsok/nginx/ssl/_.xiaofuge.tech.pem diff --git a/docs/dev-ops/docker-compose.yml b/docs/freessl/dev-ops/docker-compose.yml similarity index 100% rename from docs/dev-ops/docker-compose.yml rename to docs/freessl/dev-ops/docker-compose.yml diff --git a/docs/dev-ops/nginx/conf/conf.d/default.conf b/docs/freessl/dev-ops/nginx/conf/conf.d/default.conf similarity index 100% rename from docs/dev-ops/nginx/conf/conf.d/default.conf rename to docs/freessl/dev-ops/nginx/conf/conf.d/default.conf diff --git a/docs/dev-ops/nginx/conf/conf.d/ssl01.xiaofuge.tech.conf b/docs/freessl/dev-ops/nginx/conf/conf.d/ssl01.xiaofuge.tech.conf similarity index 100% rename from docs/dev-ops/nginx/conf/conf.d/ssl01.xiaofuge.tech.conf rename to docs/freessl/dev-ops/nginx/conf/conf.d/ssl01.xiaofuge.tech.conf diff --git a/docs/dev-ops/nginx/conf/conf.d/ssl02.xiaofuge.tech.conf b/docs/freessl/dev-ops/nginx/conf/conf.d/ssl02.xiaofuge.tech.conf similarity index 100% rename from docs/dev-ops/nginx/conf/conf.d/ssl02.xiaofuge.tech.conf rename to docs/freessl/dev-ops/nginx/conf/conf.d/ssl02.xiaofuge.tech.conf diff --git a/docs/dev-ops/nginx/conf/nginx.conf b/docs/freessl/dev-ops/nginx/conf/nginx.conf similarity index 100% rename from docs/dev-ops/nginx/conf/nginx.conf rename to docs/freessl/dev-ops/nginx/conf/nginx.conf diff --git a/docs/dev-ops/nginx/html/index.html b/docs/freessl/dev-ops/nginx/html/index.html similarity index 100% rename from docs/dev-ops/nginx/html/index.html rename to docs/freessl/dev-ops/nginx/html/index.html diff --git a/docs/dev-ops/nginx/logs/access.log b/docs/freessl/dev-ops/nginx/logs/access.log similarity index 100% rename from docs/dev-ops/nginx/logs/access.log rename to docs/freessl/dev-ops/nginx/logs/access.log diff --git a/docs/dev-ops/nginx/logs/error.log b/docs/freessl/dev-ops/nginx/logs/error.log similarity index 100% rename from docs/dev-ops/nginx/logs/error.log rename to docs/freessl/dev-ops/nginx/logs/error.log diff --git a/docs/httpsok/docker-compose.yml b/docs/httpsok/docker-compose.yml new file mode 100644 index 0000000..fd157fa --- /dev/null +++ b/docs/httpsok/docker-compose.yml @@ -0,0 +1,17 @@ +version: '3' +# docker-compose -f docker-compose.yml up -d +services: + nginx: + image: nginx:1.25.3 + container_name: nginx + ports: + - '443:443' + - '80:80' + volumes: + - ./nginx/logs:/var/log/nginx + - ./nginx/html:/usr/share/nginx/html + - ./nginx/conf/nginx.conf:/etc/nginx/nginx.conf + - ./nginx/conf/conf.d:/etc/nginx/conf.d + - ./nginx/ssl:/etc/nginx/ssl/ + privileged: true + restart: always \ No newline at end of file diff --git a/docs/httpsok/nginx/conf/conf.d/default.conf b/docs/httpsok/nginx/conf/conf.d/default.conf new file mode 100644 index 0000000..f49b7ee --- /dev/null +++ b/docs/httpsok/nginx/conf/conf.d/default.conf @@ -0,0 +1,20 @@ +server { + listen 80; + listen [::]:80; + + location / { + root /usr/share/nginx/html; + index index.html; + } + + location /api { + root /usr/share/nginx/html; + index index.html; + } + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/share/nginx/html; + } + +} \ No newline at end of file diff --git a/docs/httpsok/nginx/conf/conf.d/ssl01.xiaofuge.tech.conf b/docs/httpsok/nginx/conf/conf.d/ssl01.xiaofuge.tech.conf new file mode 100644 index 0000000..37f9185 --- /dev/null +++ b/docs/httpsok/nginx/conf/conf.d/ssl01.xiaofuge.tech.conf @@ -0,0 +1,35 @@ +server { + listen 80; + listen [::]:80; + server_name ssl01.xiaofuge.tech; + + rewrite ^(.*) https://$server_name$1 permanent; + +} + +server { + listen 443 ssl; + server_name ssl01.xiaofuge.tech; + + ssl_certificate /etc/nginx/ssl/_.xiaofuge.tech.pem; + ssl_certificate_key /etc/nginx/ssl/_.xiaofuge.tech.key; + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + location / { + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $http_host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + root /usr/share/nginx/html; + index index.html index.htm; + } + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/share/nginx/html; + } +} \ No newline at end of file diff --git a/docs/httpsok/nginx/conf/conf.d/ssl02.xiaofuge.tech.conf b/docs/httpsok/nginx/conf/conf.d/ssl02.xiaofuge.tech.conf new file mode 100644 index 0000000..f40d8e5 --- /dev/null +++ b/docs/httpsok/nginx/conf/conf.d/ssl02.xiaofuge.tech.conf @@ -0,0 +1,35 @@ +server { + listen 80; + listen [::]:80; + server_name ssl02.xiaofuge.tech; + + rewrite ^(.*) https://$server_name$1 permanent; + +} + +server { + listen 443 ssl; + server_name ssl02.xiaofuge.tech; + + ssl_certificate /etc/nginx/ssl/_.xiaofuge.tech.pem; + ssl_certificate_key /etc/nginx/ssl/_.xiaofuge.tech.key; + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + location / { + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $http_host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + root /usr/share/nginx/html; + index index.html index.htm; + } + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/share/nginx/html; + } +} \ No newline at end of file diff --git a/docs/httpsok/nginx/conf/nginx.conf b/docs/httpsok/nginx/conf/nginx.conf new file mode 100644 index 0000000..358f019 --- /dev/null +++ b/docs/httpsok/nginx/conf/nginx.conf @@ -0,0 +1,32 @@ + +user nginx; +worker_processes auto; + +error_log /var/log/nginx/error.log notice; +pid /var/run/nginx.pid; + + +events { + worker_connections 1024; +} + + +http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main; + + sendfile on; + #tcp_nopush on; + + keepalive_timeout 65; + + #gzip on; + + include /etc/nginx/conf.d/*.conf; +} \ No newline at end of file diff --git a/docs/httpsok/nginx/html/index.html b/docs/httpsok/nginx/html/index.html new file mode 100644 index 0000000..ad22a5a --- /dev/null +++ b/docs/httpsok/nginx/html/index.html @@ -0,0 +1,10 @@ + + +
+ +