# 查看Ubuntu版本信息 lsb_release -a # 软件包更新 apt update && apt upgrade -y #-------------------- vim 配置 -------------------- # 打开配置文件 vim ~/.vimrc # 将以下内容写入配置文件中 set tabstop=4 set softtabstop=4 set shiftwidth=4 set expandtab set autoindent set number #-------------------- 完成 -------------------- #-------------------- Docker + Ubuntu + Nginx -------------------- # 卸载老版本Docker apt remove docker docker-engine docker.io containerd runc # 安装依赖 apt install ca-certificates curl gnupg lsb-release # 添加Docker官方的GPG密钥 curl -fsSL http://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add - # 添加Docker软件源 add-apt-repository "deb [arch=amd64] http://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable" # 安装Docker apt install docker-ce docker-ce-cli containerd.io # 查看Docker版本信息 docker version # 安装工具 apt -y install apt-transport-https ca-certificates curl software-properties-common # 打开配置文件 vim /etc/docker/daemon.json # 将以下内容写入配置文件中 { "registry-mirrors": [ "https://ox288s4f.mirror.aliyuncs.com", "https://vlgh0kqj.mirror.aliyuncs.com", "https://registry.docker-cn.com", "https://docker.mirrors.ustc.edu.cn", "https://docker.m.daocloud.io", "https://dockerhub.timeweb.cloud", "https://hub-mirror.c.163.com", "https://mirror.ccs.tencentyun.com", "https://mirror.baidubce.com", "https://noohub.ru", "https://huecker.io", "https://do.nark.eu.org", "https://dc.j8.work", "https://dockerproxy.com", "https://docker.nju.edu.cn" ] } # 查看文件内容 expand -t4 /etc/docker/daemon.json # 重启 systemctl restart docker # 拉取镜像 docker pull ubuntu:22.04 # 查看镜像 docker images # 创建容器 docker run \ -p 80:80 \ -p 443:443 \ -p 10378:10378 \ -p 10379:10379 \ -p 10443:10443 \ --name nginx \ -itd ubuntu:22.04 # 查看容器 docker ps docker ps -a # 查看端口占用 lsof -i docker port nginx # 进入容器内部 docker exec -it nginx /bin/bash # 软件包更新 apt update && apt upgrade -y # 安装 apt install wget apt install unzip apt install patch apt install gcc apt install make apt install libpcre3 libpcre3-dev apt install zlib1g zlib1g-dev apt install openssl libssl-dev # Build nginx with this module from source wget http://nginx.org/download/nginx-1.25.0.tar.gz tar -xzvf nginx-1.25.0.tar.gz cd nginx-1.25.0 wget https://github.com/chobits/ngx_http_proxy_connect_module/archive/refs/heads/master.zip unzip master.zip patch -p1 < ngx_http_proxy_connect_module-master/patch/proxy_connect_rewrite_102101.patch # 此时位于nginx-1.25.0目录下 ./configure --add-module=ngx_http_proxy_connect_module-master --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module make && make install # 查看安装情况 apt install tree tree /usr/local/nginx/ # 创建用于存放ssl证书的文件夹 mkdir /usr/local/nginx/conf/cert # 启动 /usr/local/nginx/sbin/nginx # 查看进程 ps aux # 重启 /usr/local/nginx/sbin/nginx -s reload # 查看进程 ps aux # 关闭 /usr/local/nginx/sbin/nginx -s quit # 查看进程 ps aux # 自启动 apt install vim vim /root/.bashrc # 将以下内容写入配置文件中 if [ -f /usr/local/nginx/sbin/nginx ]; then /usr/local/nginx/sbin/nginx fi # 退出容器 exit # 重启容器 docker restart nginx # 测试 curl fslse.top # 将日志文件复制到宿主机 mkdir -p /root/nginx docker cp nginx:/usr/local/nginx/logs /root/nginx/logs # 创建用于存放ssl证书的文件夹 mkdir -p /root/cert # ----------------------------------- # 下载ssl证书并上传至 /root/cert 文件夹下 # ----------------------------------- # 关闭容器 docker stop nginx # 生成镜像 docker commit -m "nginx" -a "fslse" nginx nginx:1.25.0 # 查看镜像详细信息 docker inspect nginx:1.25.0 # 删除容器 docker rm nginx # 重新创建容器 docker run \ -p 80:80 \ -p 443:443 \ -p 10378:10378 \ -p 10379:10379 \ -p 10443:10443 \ -v /root/nginx/logs:/usr/local/nginx/logs \ -v /root/cert:/usr/local/nginx/conf/cert \ --name nginx \ -itd nginx:1.25.0 # 进入容器内部 docker attach nginx # 编辑nginx配置文件 vim /usr/local/nginx/conf/nginx.conf # 重写配置文件中的http块内容 http { include mime.types; default_type application/octet-stream; #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; server { listen 80; server_name localhost; rewrite ^(.*)$ https://fslse.top/$1 permanent; } server { listen 443 ssl; server_name localhost; ssl_certificate /usr/local/nginx/conf/cert/fslse.top.pem; ssl_certificate_key /usr/local/nginx/conf/cert/fslse.top.key; ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; location / { root html; index index.html index.htm; } } server { listen 10378; # dns resolver used by forward proxying resolver 8.8.8.8 8.8.8.4 114.114.114.114; # forward proxy for CONNECT requests proxy_connect; proxy_connect_allow 443 563; proxy_connect_connect_timeout 10s; proxy_connect_data_timeout 10s; location / { proxy_pass $scheme://$host$request_uri; proxy_set_header Host $http_host; } } server { listen 10379 ssl; # self signed certificate generated via openssl command ssl_certificate_key /usr/local/nginx/conf/cert/fslse.top.key; ssl_certificate /usr/local/nginx/conf/cert/fslse.top.pem; ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; # dns resolver used by forward proxying resolver 8.8.8.8 8.8.8.4 114.114.114.114; # forward proxy for CONNECT request proxy_connect; proxy_connect_allow 443 563; proxy_connect_connect_timeout 10s; proxy_connect_data_timeout 10s; location / { proxy_ssl_server_name on; proxy_pass $scheme://$host$request_uri; proxy_set_header Host $http_host; } } } # 退出容器 exit # 重启容器 docker restart nginx # 测试 curl http://fslse.top curl https://fslse.top curl curl https://github.com/ -v -x http://fslse.top:10378 curl curl https://github.com/ -v -x https://fslse.top:10379 #-------------------- 完成 --------------------