Description: This service is only mentioned in the test of common use, may contain unknown bug or immature solutions, for reference only, please do not for a formal environment, of course, the course welcome any questions put to me, I can keep improving
GitHub Address: https://github.com/wll-zhou/nginx_proxy_docker
nginx is not just a high-performance web server software can also be used for forward proxy and reverse proxy, but nginx does not support https forward proxy, the authors searched existing solutions, and the final service integrate Docker subsequent docker run directly through the ready to use
First, realize that under the https nginx forward proxy, this is a good ngx_http_proxy_connect_module module developed by others, the details can refer to this article, the focus of this article is to record how integrated inside Docker
First prepare the working directory
mkdir -p nginx/workdir && cd nginx/workdir
Download nginx version specified, the corresponding module ngx_http_proxy_connect_module
wget http://nginx.org/download/nginx-1.17.4.tar.gz git clone https://github.com/chobits/ngx_http_proxy_connect_module.git nginx_proxy
Return to the previous nginx directory, start writing Dockerfile
# Base image, with this centos7 relatively large, generally using Alpine the FROM CentOS:. 7 # tool mounting base dependent RUN yum install -y patch gcc glibc- devel make openssl-devel pcre-devel zlib-devel gd-devel geoip-devel perl -devel # nginx add user groups and users, used to start nginx users see their own situation, it also launched www RUN groupadd -g 101 nginx \ && adduser -u 101 -d / var / Cache / nginx -s / sbin / nologin -g nginx nginx # workdir copy of the current directory to the mirror / workdir cOPY ./workdir / workdir # Change the current directory / workdir the wORKDIR / workdir # nginx installation services (corresponding to the added ngx_http_proxy_connect_module) after the installation finished corresponding to # package Contents delete RUN tar -zxvf nginx-1.17.4.tar.gz && cd nginx-1.17.4 \ && Patch -p1 </workdir/nginx_proxy/patch/proxy_connect_rewrite_101504.patch \ && ./configure --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-cc-opt='-g -O2 -fdebug-prefix-map=/data/builder/debuild/nginx-1.17.1/debian/debuild-base/nginx-1.17.1=. -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC' --with-ld-opt='-Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie' --add-module=/workdir/nginx_proxy \ The make the make install && && \ && cd / && the Workdir RM -rf / the Workdir / * # start nginx service, pay attention to add -g daemon off behind disables the daemon mode CMD [ "nginx", "-g ", " daemon off; "]
That's all Dockerfile, the current working directory structure
.
├── Dockerfile
└── workdir
├── nginx-1.17.4.tar.gz
└── nginx_proxy
The following image began to build, -t represents the name of the mirror taken behind that. Can not be missed, the current directory, the whole process will take some time, depending on network machines
docker build -t nginx:proxy_1.17.4 .
build a successful logo:
Successfully built 5e54788aa240
Successfully tagged nginx:proxy_1.17.4
If it fails, then there will be a corresponding prompt, follow the prompts to resolve.
Now image is generated, docker image ls to see if it has nginx: proxy_1.17.4 the
Then you can run, of course, be prepared to see the corresponding nginx configuration file, the proxy configuration plus
server {
listen 8888;
access_log /var/log/nginx/proxy.log;
# dns resolver used by forward proxying
resolver 8.8.8.8;
# forward proxy for CONNECT request
proxy_connect;
proxy_connect_allow 443 563;
proxy_connect_connect_timeout 10s;
proxy_connect_read_timeout 10s;
proxy_connect_send_timeout 10s;
# forward proxy for non-CONNECT request
location / {
proxy_pass http://$host;
proxy_set_header Host $host;
}
}
Run-time image (corresponding to path and can set their own port)
docker run -d -p 8888:8888 -v /home/www/image/nginx/nginx.conf:/etc/nginx/nginx.conf nginx:proxy_1.17.4
After starting the agent under test is available
curl https://www.geek-share.com -v -x 127.0.0.1:8888
Thus, integrated into the docker finished, for a subsequent machine, the mirror copy directly to it, then it docker RUN, a lot easier
The above service has been released to GitHub, the clone can be run directly down, of course, your machine has been installed to docker
https://github.com/wll-zhou/nginx_proxy_docker
Please correct the problem!
Article simultaneous release: https://www.geek-share.com/detail/2780659901.html