Ego nuper servo virtualem mutavi et omnia iterum configurare habui. Malo situs per https accessibiles ac testimoniales letsencryptas ipso facto obtinendas et renovandas esse. Id effici potest utentibus duabus imaginibus nginx-procuratoris et nginx procuratoris societatis.
Hic est dux in quomodo constituendus sit locus in Docker, cum procuratorio qui sponte SSL libellos accipit. CentOS 7 virtualis server adhibetur.
Pono servo iam empto, configurato, initium clavis utendi, fail2ban inauguratum, etc.
Primum opus est ut officinam instituat.
- Primum debes install clientelas
$ sudo yum install -y yum-utils device-mapper-persistent-data lvm2
- Connect repositio
$ sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
- Tunc install Docker edition
$ sudo yum install docker-ce docker-ce-cli containerd.io
- Addere docker ut satus et procursu
$ sudo systemctl enable docker $ sudo systemctl start docker
- Addere a user ad catervam docker posse currere sine sudo docker
$ usermod -aG docker user
Proximus gradus est ut instruere schoen-componere. Utilitas pluribus modis institui potest, sed malo per pituitam ac virtualenv instituere, ne systema fasciculis superfluis premat.
- pituitam install
$ sudo yum install python-pip
- install virtualenv
$ pip install virtualenv
- Deinde debes facere folder cum incepto et initialize eam. Folder cum omnibus fasciculis ad administrandum opus erit ve.
$ mkdir docker $ cd docker $ virtualenv ve
- Incipere utendo virtualis environment, debes currere hoc mandatum in folder in project.
$ source ve/bin/activate
- Docker-conponere potes instituere.
pip install docker-compose
Ut vasa ad invicem videant, retis creabimus. Defalta, pontis agitator adhibetur.
$ docker network create network
Deinde debes configurare schoham componere, procurator erit in procuratori folder, test situs in test folder erit. Exempli gratia, nomine regio utens example.com
$ mkdir proxy $ mkdir test $ touch proxy/docker-compose.yml $ touch test/docker-compose.yml
Summa proxy/docker-compose.yml
version: '3' networks: default: external: name: network services: nginx-proxy: container_name: nginx-proxy image: jwilder/nginx-proxy ports: - 80:80 - 443:443 volumes: - certs:/etc/nginx/certs - vhost.d:/etc/nginx/vhost.d - html:/usr/share/nginx/html - /var/run/docker.sock:/tmp/docker.sock:ro nginx-proxy-letsencrypt: container_name: nginx-proxy-letsencrypt image: jrcs/letsencrypt-nginx-proxy-companion volumes: - certs:/etc/nginx/certs - vhost.d:/etc/nginx/vhost.d - html:/usr/share/nginx/html - /var/run/docker.sock:/var/run/docker.sock:ro environment: - NGINX_PROXY_CONTAINER=nginx-proxy volumes: certs: vhost.d: html:
Environment variabilis NGINX_PROXY_CONTAINER necesse est ut continens letsencrypt procuratorem videre. Folders /etc/nginx/certs /etc/nginx/vhost.d et /usr/share/nginx/html ab utroque vasis communicari debent. Ut vasculum letsencrypt ad recte operandum, applicatio ad 80 et 443 portum pervia esse debet.
Summa test/docker-compose.yml
version: '3' networks: default: external: name: network services: nginx: container_name: nginx image: nginx:latest environment: - VIRTUAL_HOST=example.com - LETSENCRYPT_HOST=example.com - [email protected]
Hic, ambitus variabilium variabilium requiruntur, ut procurator recte petitionem emittat servo et libellum de nomine dominico exigat.
Reliquum est ut phialam currendo componat
$ cd proxy $ docker-compose up -d $ cd ../test $ docker-compose up -d
Source: www.habr.com