Skip to content

Commit

Permalink
build(nginx): add portainer server 9443 port
Browse files Browse the repository at this point in the history
  • Loading branch information
@promonkeyli
promonkeyli committed Aug 28, 2024
1 parent b0b41a7 commit 78ee127
Show file tree
Hide file tree
Showing 2 changed files with 32 additions and 5 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/deploy.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,4 +47,4 @@ jobs:
docker stop $CONTAINER && docker rm $CONTAINER && docker rmi $IMAGE
fi
docker pull $IMAGE
docker run -d --name $CONTAINER -p 80:80 -p 443:443 -v /data/nginx-certs:/etc/nginx/certs $IMAGE
docker run -d --name $CONTAINER -p 80:80 -p 443:443 -p 9443:9443 -v /data/nginx-certs:/etc/nginx/certs $IMAGE
35 changes: 31 additions & 4 deletions nginx.conf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,15 +5,20 @@ events {
http {
include mime.types;
default_type application/octet-stream;

# web 80端口重定向到 443端口
server {
listen 80;
server_name www.promonkeyli.top;
return 301 https://$host$request_uri;
listen 80;
server_name promonkeyli.top www.promonkeyli.top;
return 301 https://$host$request_uri;
}

# ssl 443端口 开启https
server {
listen 443 ssl http2;
server_name www.promonkeyli.top;
server_name promonkeyli.top www.promonkeyli.top;

# ssl 证书配置
ssl_certificate /etc/nginx/certs/promonkeyli.top_bundle.crt;
ssl_certificate_key /etc/nginx/certs/promonkeyli.top.key;
ssl_session_timeout 5m;
Expand All @@ -26,5 +31,27 @@ http {
index index.html index.htm; #默认入口文件名称
try_files $uri $uri.html $uri/ =404;
}
}

# portainer 端口 开启https
server {
listen 9443 ssl http2;
server_name promonkeyli.top www.promonkeyli.top;

# ssl 证书配置
ssl_certificate /etc/nginx/certs/promonkeyli.top_bundle.crt;
ssl_certificate_key /etc/nginx/certs/promonkeyli.top.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;

location / {
proxy_pass http://127.0.0.1:9443;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
}

0 comments on commit 78ee127

Please sign in to comment.