VeryNginx Docker / FGHRSH Service Node Infrastructure
- 启用 Strict-SNI1,保护源站 IP 不被 SSL 暴露
- 基于 Nginx 1.17.7 编译,集成 VeryNginx 脚本
- 支持 HTTP 2 / TLS 1.3 / Brotli / Headers More 等
1 如遇 CDN 回源 503 错误,请修改
nginx.conf:strict_sni off;
- Hello World
/data/wwwroot/example.com- 网站根目录/data/wwwlogs/example.com-xxx.log- 网站日志记录/root/docker_data/nginx/ssl/example.com.crt(key)- 存放证书/root/docker_data/nginx/vhosts/example.com.conf- 网站配置文件
docker run -d --restart always \
-p 80:80 -p 443:443 --name nginx \
-v /data/wwwroot:/data/wwwroot \
-v /data/wwwlogs:/data/wwwlogs \
-v /root/docker_data/nginx/ssl:/etc/nginx/ssl:ro \
-v /root/docker_data/nginx/vhosts:/etc/nginx/vhosts:ro \
fghrsh/fsn_nginx:verynginx- Advanced Setting
mkdir -p /root/docker_data/nginx/- 创建存放配置的目录,可自行修改curl -fSL https://raw.githubusercontent.com/fghrsh/FSN_Nginx_Docker/verynginx/conf/nginx.conf > /root/docker_data/nginx/nginx.confcurl -fSL https://raw.githubusercontent.com/fghrsh/FSN_Nginx_Docker/verynginx/verynginx/configs/config.json > /root/docker_data/nginx/verynginx.jsonsetfacl -m u:82:rw /root/docker_data/nginx/verynginx.jsonvim /root/docker_data/nginx/nginx.conf- 编辑 nginx.conf
docker run -d --restart always \
-p 80:80 -p 443:443 --name nginx \
-v /data/wwwroot:/data/wwwroot \
-v /data/wwwlogs:/data/wwwlogs \
-v /etc/localtime:/etc/localtime:ro \
-v /root/docker_data/nginx/ssl:/etc/nginx/ssl:ro \
-v /root/docker_data/nginx/vhosts:/etc/nginx/vhosts:ro \
-v /root/docker_data/nginx/nginx.conf:/etc/nginx/nginx.conf:ro \
-v /root/docker_data/nginx/verynginx.json:/opt/verynginx/configs/config.json \
--network fsn fghrsh/fsn_nginx:verynginx- 参数说明
/etc/localtime- 用于同步 宿主机 时区设置docker network create fsn- 创建 fsn 网络,用于容器间连接docker run --network fsn- 接入 fsn 网络(视情况修改,不需要可去除
server {
listen 80;
listen 443 ssl http2;
# this line shoud be include in every server block
include /opt/verynginx/nginx_conf/in_server_block.conf;
server_name example.com;
root /data/wwwroot/example.com;
index index.html index.htm index.php;
ssl_certificate /etc/nginx/ssl/example.com.crt;
ssl_certificate_key /etc/nginx/ssl/example.com.key;
location ~ \.php$ {
fastcgi_pass php-example:9000;
fastcgi_index index.php;
fastcgi_param DOCUMENT_ROOT /data/wwwroot/example.com;
fastcgi_param SCRIPT_FILENAME /data/wwwroot/example.com$fastcgi_script_name;
include fastcgi.conf;
}
access_log /data/wwwlogs/example.com-access.log main;
error_log /data/wwwlogs/example.com-error.log crit;
}
(๑´ㅁ`) 都看到这了,点个 Star 吧 ~
- VeryNginx / @alexazhou / LGPL-3.0
- docker nginx / @nginxinc, @lwl12, @metowolf