标签:Admin NET nginx jenlins conf home net6 Docker docker
1.Docker安装。
Docker -> 虚拟化容器技术。
Docker基于镜像,可以秒级启动各种容器。每一种容器都是一个完整的运行环境,容器之间互相隔离。
1、选择要安装的平台
Docker要求CentOS系统的内核版本高于3.10
uname -r #通过 uname -r 命令查看你当前的内核版本
安装文档地址
2、选择要安装的操作系统
3、首先卸载已安装的Docker
使用Root权限登录 Centos。确保yum包更新到最新。
sudo yum update
如果你的操作系统没有安装过Docker , 就不需要执行卸载命令。
sudo yum remove docker \ docker-client \ docker-client-latest \ docker-common \ docker-latest \ docker-latest-logrotate \ docker-logrotate \ docker-engine
4、建立仓库
## 安装Docker所需要的一些工具包 sudo yum install -y yum-utils ## 建立Docker仓库 (映射仓库地址) sudo yum-config-manager \ --add-repo \ https://download.docker.com/linux/centos/docker-ce.repo
5、安装Docker引擎
sudo yum install docker-ce docker-ce-cli containerd.io
6、启动Docker
sudo systemctl start docker
7、测试 Docker 是否安装正常
sudo docker run hello-world
出现这个代表docker安装成功
2.Docker 搭建 Jenkins 容器
1、Jenkins镜像
#查询镜像 docker search jenkins
这里使用的是第二个镜像(因为第一个镜像的docker版本较低)
#下载镜像 docker pull jenkins/jenkins
#查看镜像 docker images
2、启动Jenkins容器
创建挂载文件夹,并且进行文件权限授予
#创建文件夹 mkdir -p /home/jenkins_home #权限 chmod 777 /home/jenkins_home docker run -d -uroot -p 9095:8080 -p 50000:50000 --name jenkins \ -v /home/jenkins_home:/var/jenkins_home \ -v /home/jenkins_settings:/var/settings \ -v /etc/localtime:/etc/localtime \ -v /var/run/docker.sock:/var/run/docker.sock \ -v $(which docker):/usr/bin/docker -d -u 0 jenkins/jenkins:latest
命令 描述
-d 后台运行容器,并返回容器ID
-uroot 使用 root 身份进入容器,推荐加上,避免容器内执行某些命令时报权限错误
-p 9095:8080 将容器内8080端口映射至宿主机9095端口,这个是访问jenkins的端口
-p 50000:50000 将容器内50000端口映射至宿主机50000端口
--name jenkins 设置容器名称为jenkins
-v /home/jenkins_home:/var/jenkins_home :/var/jenkins_home目录为容器jenkins工作目录,我们将硬盘上的一个目录挂载到这个位置,方便后续更新镜像后继续使用原来的工作目录
-v /etc/localtime:/etc/localtime 让容器使用和服务器同样的时间设置
jenkins/jenkins 镜像的名称,这里也可以写镜像ID
#日志查看 docker logs jenkins
3、访问Jenkins
在浏览器中输入:http://serverIp:port/访问jenkins,serverIp为docker宿主机的ip,port即为宿主机映射的端口。我的即为:
http://127.0.0.1:9095/
4、安装插件
因为网络原因,需要将插件源设置为国内的,这样才可以安装插件。进入宿主机目录 /home/jenkins_home/,编辑文件 hudson.model.UpdateCenter.xml
cd /home/jenkins_home/ cat hudson.model.UpdateCenter.xml
将 url 内容修改为 https://mirrors.tuna.tsinghua.edu.cn/jenkins/updates/update-center.json(清华大学官方镜像)
重启容器
docker restart jenkins
重启之后,选择推荐插件安装!!!
5、插件安装完成,创建管理员用户
6、单独安装jenkins插件
点击左侧 manage Jenkins 菜单,然后点击 manage plugin 进入插件管理中心
1. Chinese 插件
点击 available ,在搜索框输入 Chinese ,然后点击安装
2.gitee插件
输入gitee查找,在查询列表勾选 Gitee(如列表中不存在 Gitee,则点击 Check now 更新插件列表)
3.pipeline流水线插件
4.docker,docker-build-step插件安装
安装完成插件以后,需要重启 Jenkins 汉化等功能方能生效
docker restart jenkins
3.Admin.NET项目配置(Service)
1、根目录新增Jenkinsfile_Admin文件(示例使用的腾讯云的个人镜像服务,阿里云操作基本一致)
Jenkinsfile_Admin文件示例:
pipeline { environment { //镜像仓库域名 dev registryDomain = 'ccr.ccs.tencentyun.com' //镜像仓库命名空间 (腾讯云新建命名空间) registryNamespace = 'xxx' //镜像仓库密钥(jenkins全局凭据 (unrestricted)新建腾讯云docker密码) registryCredential = 'TencentCloudDocker' projectName = 'admin.net.service' //项目端口 projectPort = 5120 //标签 tag = "${env.BUILD_ID}" //镜像名称 imageName = "${registryDomain}/${registryNamespace}/${projectName}:${tag}" //dockerfile路径区分大小写 dockerfileUrl='./Admin.NET/Admin.NET.Web.Entry/Dockerfile' //Gitee(jenkins新建Gitee账户密码) gitCredential = 'gitee' //Git地址 gitUrl='https://gitee.com/xxx/Admin.NET.git' dockerImage = '' } agent any stages { stage('Cloning Git') { steps { git credentialsId: gitCredential, url:gitUrl, branch:env.BRANCH_NAME } } stage('Building Docker Image') { steps { script { envName = GetEnvironment() dockerImage = docker.build(imageName, "-f ${dockerfileUrl} --build-arg env=${envName} .") } } } stage('Push Image to Docker Repostory') { steps { script { docker.withRegistry("http://${registryDomain}", registryCredential ) { dockerImage.push() } } } } stage('Deploy for test') { // when { // branch 'develop' // } steps { script { //TencentCloud (jenkins全局凭据 (unrestricted)新建腾讯云账户密码) rserver = GetRemoteServer('腾讯云地址1xx.7x.9x.1xx','TencentCloud') DeployDocker(rserver) } } } stage('Deploy for production') { when { branch 'main' } steps { script { rserver = GetRemoteServer('腾讯云地址1xx.7x.9x.1xx','TencentCloud') DeployDocker(rserver) } } } stage('Clear Images') { steps { script { //删除none无用容器 sh 'docker rmi $(docker images -f "dangling=true" -q) || true ' //sh "docker rmi -f \$(docker images | grep '${projectName}' | awk '{print \$3}') || true " } } } } } def GetEnvironment(){ switch("${env.BRANCH_NAME}") { case "develop": result = "dev" break case "main": result = "prod" break default: result = "" break } echo "环境变量:${env.BRANCH_NAME}|${result}" return result } def GetRemoteServer(host,credential) { def remote = [:] remote.name = host remote.host = host remote.port = 22 remote.allowAnyHosts = true loginInfo = GetCredentials(credential) remote.user = "${loginInfo.username}" remote.password = "${loginInfo.password}" // echo "服务器地址:${remote.name}-${remote.host}-${remote.port}||${remote};账户信息:${loginInfo.username}-${loginInfo.password}" return remote } def GetCredentials(id) { def info = [:] //通过withCredentials调用Jenkins凭据中已保存的凭据,credentialsId需要填写,其他保持默认即可 withCredentials([usernamePassword(credentialsId: id, passwordVariable: 'password', usernameVariable: 'userName')]) { info.username = "${userName}" info.password = "${password}" } return info } def DeployDocker(rserver) { echo '================开始拉取镜像================' dockerLoginInfo = GetCredentials(registryCredential) sshCommand remote: rserver, command: "sudo docker login -u=${dockerLoginInfo.username} -p ${dockerLoginInfo.password} ${registryDomain}" sshCommand remote: rserver, command: "sudo docker pull ${imageName}" echo '================结束拉取镜像================' echo '================开始删除镜像================' sshCommand remote: rserver, command: "sudo docker rm -f ${projectName} || true " echo '================结束删除镜像================' echo '================开始启动容器================' sshCommand remote: rserver, command: "sudo docker run -d --name ${projectName} -p ${projectPort}:${projectPort} ${imageName}" echo '================结束启动容器================!' sshCommand remote: rserver, command: 'exit' echo '================done================!' }
2、Dockerfile文件调整
#See https://aka.ms/containerfastmode to understand how Visual Studio uses this Dockerfile to build your images for faster debugging. FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS base WORKDIR /app RUN sed -i "s|TLSv1.2|TLSv1|g" /etc/ssl/openssl.cnf RUN sed -i "s|DEFAULT@SECLEVEL=2|DEFAULT@SECLEVEL=1|g" /etc/ssl/openssl.cnf COPY ./sources.list /etc/apt/sources.list #RUN apt-get update && apt-get install -y libgdiplus && apt-get install curl -y RUN apt-get update && apt-get install curl -y EXPOSE 80 FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build WORKDIR /src #COPY ["Admin.NET/Admin.NET.Application/Admin.NET.Application.csproj", "Admin.NET.Application/"] #COPY ["Admin.NET/Admin.NET.Core/Admin.NET.Core.csproj", "Admin.NET.Core/"] #COPY ["Admin.NET/Admin.NET.Web.Core/Admin.NET.Web.Core.csproj", "Admin.NET.Web.Core/"] #COPY ["Admin.NET/Admin.NET.Web.Entry/Admin.NET.Web.Entry.csproj", "Admin.NET.Web.Entry/"] #COPY ["Admin.NET/Admin.NET.Web.Entry/nuget.config", "Admin.NET.Web.Entry/"] ##COPY ["Admin.NET.Web.Entry/nuget.config", "Admin.NET.Web.Core/"] COPY . . RUN dotnet restore "Admin.NET/Admin.NET.Web.Entry/Admin.NET.Web.Entry.csproj" --configfile "Admin.NET/Admin.NET.Web.Entry/nuget.config" COPY . . WORKDIR "/src/Admin.NET/Admin.NET.Web.Entry" RUN dotnet build "Admin.NET.Web.Entry.csproj" -c Release -o /app/build FROM build AS publish RUN dotnet publish "Admin.NET.Web.Entry.csproj" -c Release -o /app/publish FROM base AS final WORKDIR /app COPY --from=publish /app/publish . ENTRYPOINT ["dotnet", "Admin.NET.Web.Entry.dll"]
3、根目录新增sources.list
deb http://mirrors.aliyun.com/debian/ bullseye main non-free contrib deb-src http://mirrors.aliyun.com/debian/ bullseye main non-free contrib deb http://mirrors.aliyun.com/debian-security/ bullseye-security main deb-src http://mirrors.aliyun.com/debian-security/ bullseye-security main deb http://mirrors.aliyun.com/debian/ bullseye-updates main non-free contrib deb-src http://mirrors.aliyun.com/debian/ bullseye-updates main non-free contrib deb http://mirrors.aliyun.com/debian/ bullseye-backports main non-free contrib deb-src http://mirrors.aliyun.com/debian/ bullseye-backports main non-free contrib
4、Admin.NET.Web.Entry类库新增nuget.config
列出所有已知包源。 还原操作期间以及任何项目都使用 PackageReference 格式忽略该顺序。 NuGet 遵循使用 packages.config项目安装和更新操作的源顺序。
<?xml version="1.0" encoding="utf-8"?> <configuration> <packageSources> <add key="nuget" value="https://nuget.cdn.azure.cn/v3/index.json" /> </packageSources> </configuration>
4.Jenkins net6 持续集成(流水线方式)
1、Jenkins新增流水线任务
2、配置名称描述
3、配置分支源
4、选择不通过scm自动化触发
5、配置 Build Configuration
脚本路径, Jenkinsfile_Admin
6、jenkins配置全局凭据
配置gitee账户密码,腾讯云docker镜像账户密码,服务器登录密码。在jenkins文件中会用到
7、扫描多分支流水线
8、点击立刻构建
9、查看部署是否成功
5.Admin.NET项目配置(UI)
1、根目录新增Jenkinsfile_AdminUI文件(示例使用的腾讯云的个人镜像服务,阿里云操作基本一致)
Jenkinsfile_AdminUI文件示例:
pipeline { environment { //镜像仓库域名 dev registryDomain = 'ccr.ccs.tencentyun.com' //镜像仓库命名空间 registryNamespace = '6ce27670-6dc6-4801' //镜像仓库密钥 registryCredential = 'TencentCloud' projectName = 'admin.net.ui' //项目端口 projectPort = 5309 //标签 tag = "${env.BUILD_ID}" //镜像名称 imageName = "${registryDomain}/${registryNamespace}/${projectName}:${tag}" //dockerfile路径区分大小写 dockerfileUrl="./Web/Dockerfile" //Git密钥 gitCredential = '277827509' //Git地址 gitUrl='https://gitee.com/HaiLinWang/Admin.NET.git' dockerImage = '' } agent any stages { stage('Cloning Git') { steps { git credentialsId: gitCredential, url:gitUrl, branch:env.BRANCH_NAME } } stage('Building Docker Image') { steps { script { envName = GetEnvironment() dockerImage = docker.build(imageName, "-f ${dockerfileUrl} --build-arg env=${envName} .") } } } stage('Push Image to Docker Repostory') { steps { script { docker.withRegistry("http://${registryDomain}", registryCredential ) { dockerImage.push() } } } } stage('Deploy for test') { when { branch 'develop' } steps { script { rserver = GetRemoteServer('159.75.95.177','TencentCloud') DeployDocker(rserver) } } } stage('Deploy for production') { when { branch 'main' } steps { script { rserver = GetRemoteServer('159.75.95.177','TencentCloud') DeployDocker(rserver) } } } stage('Clear Images') { steps { script { //删除none无用容器 sh 'docker rmi $(docker images -f "dangling=true" -q) || true ' //sh "docker rmi -f \$(docker images | grep '${projectName}' | awk '{print \$3}') || true " } } } } } def GetEnvironment(){ switch("${env.BRANCH_NAME}") { case "develop": result = "dev" break case "main": result = "prod" break default: result = "" break } echo "环境变量:${env.BRANCH_NAME}|${result}" return result } def GetRemoteServer(host,credential) { def remote = [:] remote.name = host remote.host = host remote.port = 22 remote.allowAnyHosts = true loginInfo = GetCredentials(credential) remote.user = "${loginInfo.username}" remote.password = "${loginInfo.password}" return remote } def GetCredentials(id) { def info = [:] //通过withCredentials调用Jenkins凭据中已保存的凭据,credentialsId需要填写,其他保持默认即可 withCredentials([usernamePassword(credentialsId: id, passwordVariable: 'password', usernameVariable: 'userName')]) { info.username = "${userName}" info.password = "${password}" } return info } def DeployDocker(rserver) { echo '================开始拉取镜像================' dockerLoginInfo = GetCredentials(registryCredential) sshCommand remote: rserver, command: "sudo docker login -u=${dockerLoginInfo.username} -p ${dockerLoginInfo.password} ${registryDomain}" sshCommand remote: rserver, command: "sudo docker pull ${imageName}" echo '================结束拉取镜像================' echo '================开始删除镜像================' sshCommand remote: rserver, command: "sudo docker rm -f ${projectName} || true " echo '================结束删除镜像================' echo '================开始启动容器================' sshCommand remote: rserver, command: "sudo docker run -d --name ${projectName} -p ${projectPort}:${projectPort} ${imageName}" echo '================结束启动容器================!' sshCommand remote: rserver, command: 'exit' echo '================done================!' }
2、WEB目录新增Dockerfile文件
ARG env=prod # build stage FROM node:lts-alpine as build-stage ARG env WORKDIR /app # 复制符合.dockerignore规则的文件 # COPY Web/ /app COPY Web/package*.json ./ RUN ls # 安装依赖 RUN npm install cnpm -g --no-progress --registry=https://registry.npm.taobao.org RUN cnpm install --no-progress # RUN npm i -g vite COPY Web/ . RUN ls # 构建 RUN npm run build FROM nginx as production-stage ARG env COPY --from=build-stage /app/dist/ /usr/share/nginx/html COPY Web/nginx.dev.conf /etc/nginx/nginx.conf
3、web目录新增nginx.dev.config
worker_processes auto; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; #防止出现post403错误 sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; client_max_body_size 20m; server { listen 5309; server_name localhost; location / { root /usr/share/nginx/html; index index.html index.hmt; #这里以下是要添加的 proxy_set_header host $host; proxy_set_header X-forwarded-for $proxy_add_x_forwarded_for; proxy_set_header X-real-ip $remote_addr; #在TOMCAT配置CORS不太容易 所以在NGINX进行配置,这样就不需要在TOMCAT进行配置 #参加跨域支持 Allow-Origin用*有时候不行 add_header Access-Control-Allow-Origin $http_origin; add_header Access-Control-Allow-Methods 'GET, POST, PUT, DELETE, OPTIONS'; add_header Access-Control-Allow-Credentials 'true'; add_header Access-Control-Allow-Headers 'X-Requested-With,Accept, Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; if ($request_method = 'OPTIONS') { add_header 'Access-Control-Max-Age' 1728000; add_header 'Access-Control-Allow-Credentials' 'true'; add_header 'Access-Control-Allow-Methods' 'GET, POST, DELETE, PUT, OPTIONS'; add_header 'Access-Control-Allow-Headers' 'Accept, Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; add_header 'Content-Type' 'text/plain charset=UTF-8'; add_header 'Content-Length' 0; return 204; } } error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/html; } } }
4、web目录新增.dockerignore文件
类似于 .gitignore,使用 .dockerignore 可以限制 copy 到容器内的文件,这样一些和容器内app运行无关的文件就不会被复制到容器内。对于 node 程序,.dockerignore 的内容可以是 node_modules, .git 等等。不复制 node_modules 的原因是,容器内运行 npm install 命令生成此文件夹。容器内 app 运行所不需要的任何文件都可以在这个文件中指定,.dockerignore 文件名必须以点号开头,文件举例:
# Dependency directory # https://www.npmjs.org/doc/misc/npm-faq.html#should-i-check-my-node_modules-folder-into-git node_modules .DS_Store dist # node-waf configuration .lock-wscript # Compiled binary addons (http://nodejs.org/api/addons.html) build/Release .dockerignore Dockerfile *docker-compose* # Logs logs *.log # Runtime data .idea .vscode *.suo *.ntvs* *.njsproj *.sln *.sw* pids *.pid *.seed .git .hg .svn
.dockerignore 与 Dockerfile 放在同一路径下:
5、修改.env.production文件
# 线上环境 ENV = 'production' # 线上环境接口地址 VITE_API_URL = 'https://adminapi.skssea.com'
6.Jenkins AdminUI 持续集成(流水线方式)
1、使用方式
使用方式和步奏4一致
2、可能遇到的问题
本人服务器是腾讯云2核4g轻量云服务器。部署了docker,jenkins,redis,mysql等服务。占用了2g内存。 在编译vue项目的时候。dockerfile 步骤npm run build 出现以下错误。同时cpu+内存暴涨
[0m[91mnpm ERR! path /app npm ERR! command failed npm ERR! signal SIGKILL npm ERR! command sh -c -- vite build
原因:build占用cpu,内存过高,资源占用过高服务被杀死,服务器内存不足 一般是在build的时候出现的
解决:在不增加服务器配置的情况下,使用本地编译,上传dist文件。调整dockerfile+.dockerignore+.gitignore文件。
调整.dockerignore。去掉dist过滤
调整.gitignore,去掉dist过滤
3、dockerfile文件修改示例
ARG env=prod # build stage FROM node:lts-alpine as build-stage ARG env WORKDIR /app COPY Web/ ./ # RUN ls FROM nginx as production-stage ARG env RUN mkdir /app COPY --from=build-stage /app/dist/ /usr/share/nginx/html # RUN ls COPY Web/nginx.dev.conf /etc/nginx/nginx.conf
7.Docker搭建Nginx
1、寻找Nginx镜像
2、下载Nginx镜像
|
命令
|
描述
|
|
docker pull nginx
|
下载最新版Nginx镜像 (其实此命令就等同于 : docker pull nginx:latest )
|
|
docker pull nginx:xxx
|
下载指定版本的Nginx镜像 (xxx指具体版本号)
|
3、创建Nginx配置文件
启动前需要先创建Nginx外部挂载的配置文件( /home/nginx/conf/nginx.conf)
之所以要先创建 , 是因为Nginx本身容器只存在/etc/nginx 目录 , 本身就不创建 nginx.conf 文件
当服务器和容器都不存在 nginx.conf 文件时, 执行启动命令的时候 docker会将nginx.conf 作为目录创建 , 这并不是我们想要的结果 。
# 创建挂载目录 mkdir -p /home/nginx/conf mkdir -p /home/nginx/log mkdir -p /home/nginx/html mkdir -p /home/nginx/ssl
容器中的nginx.conf文件和conf.d文件夹复制到宿主机
# 生成容器 docker run --name nginx -p 9001:80 -d nginx # 将容器nginx.conf文件复制到宿主机 docker cp nginx:/etc/nginx/nginx.conf /home/nginx/conf/nginx.conf # 将容器conf.d文件夹下内容复制到宿主机 docker cp nginx:/etc/nginx/conf.d /home/nginx/conf/conf.d # 将容器中的html文件夹复制到宿主机 docker cp nginx:/usr/share/nginx/html /home/nginx/
4、创建Nginx容器并运行
Docker 创建Nginx容器
# 直接执行docker rm nginx或者以容器id方式关闭容器 # 找到nginx对应的容器id docker ps -a # 关闭该容器 docker stop nginx # 删除该容器 docker rm nginx # 删除正在运行的nginx容器 docker rm -f nginx
docker run \ -p 443:443 -p 80:80 \ --name nginx \ -v /home/nginx/conf/nginx.conf:/etc/nginx/nginx.conf \ -v /home/nginx/conf/conf.d:/etc/nginx/conf.d \ -v /home/nginx/log:/var/log/nginx \ -v /home/nginx/html:/usr/share/nginx/html \ -v /home/nginx/ssl:/etc/nginx/ssl/ \ --privileged=true -d --restart=always nginx:latest
|
命令
|
描述
|
|
–name nginx
|
启动容器的名字
|
|
-d
|
后台运行
|
|
-p 9002:80
|
将容器的 9002(后面那个) 端口映射到主机的 80(前面那个) 端口
|
|
-v /home/nginx/conf/nginx.conf:/etc/nginx/nginx.conf
|
挂载nginx.conf配置文件
|
|
-v /home/nginx/conf/conf.d:/etc/nginx/conf.d
|
挂载nginx配置文件
|
|
-v /home/nginx/log:/var/log/nginx
|
挂载nginx日志文件
|
|
-v /home/nginx/html:/usr/share/nginx/html
|
挂载nginx内容
|
|
-v /home/nginx/ssl:/usr/nginx/ssl
|
挂载nginx ssl证书
|
|
nginx:latest
|
本地运行的版本
|
| |
|
8.Nginx Admin代理转发
1.新增admin,adminapi二级域名,腾讯云直接申请即可
2.新增admin.conf,adminapi.conf文件。上传至/home/nginx/conf/conf.d/目录
admin.conf配置
server { listen 80; #监听80端口 server_name admin.skssea.com; #监听的域名 rewrite ^(.*)$ https://$server_name$1 permanent; } server { listen 443; #监听443端口 server_name admin.skssea.com; #监听的域名 ssl on; #开启SSL ssl_certificate /etc/nginx/ssl/admin.skssea.com_bundle.crt; #证书文件 ssl_certificate_key /etc/nginx/ssl/admin.skssea.com.key; #私钥文件 ssl_session_timeout 5m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA; ssl_session_cache shared:SSL:50m; ssl_prefer_server_ciphers on; location / { proxy_pass http://172.17.0.8:5309; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; } }
adminapi.conf配置
server { listen 80; #监听80端口 server_name adminapi.skssea.com; #监听的域名 rewrite ^(.*)$ https://$server_name$1 permanent; } server { listen 443; #监听443端口 server_name adminapi.skssea.com; #监听的域名 ssl on; #开启SSL ssl_certificate /etc/nginx/ssl/adminapi.skssea.com_bundle.crt; #证书文件 ssl_certificate_key /etc/nginx/ssl/adminapi.skssea.com.key; #私钥文件 ssl_session_timeout 5m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA; ssl_session_cache shared:SSL:50m; ssl_prefer_server_ciphers on; location / { proxy_pass http://172.17.0.7:5120; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; } }
标签:Admin,
NET,
nginx,
jenlins,
conf,
home,
net6,
Docker,
docker
From: https://www.cnblogs.com/whlgrowth/p/17403026.html