CentOS 7 Nginx Https 와 역방향 에이전트 및 파일 공유 서비스 배치 간소화
4566 단어 DevOps 와 생산 중간 부품
HOSTNAME=nginx
hostnamectl set-hostname "$HOSTNAME"
echo "$HOSTNAME">/etc/hostname
echo "$(grep -E '127|::1' /etc/hosts)">/etc/hosts
echo "$(ip a|grep "inet "|grep -v 127|awk -F'[ /]' '{print $6}') $HOSTNAME">>/etc/hosts
cat >/etc/yum.repos.d/nginx.repo<<EOF
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/7/\$basearch/
gpgcheck=0
enabled=1
EOF
yum -y install nginx
systemctl enable nginx
mkdir -p /etc/nginx/ssl
cd /etc/nginx/ssl
openssl genrsa -out "/etc/nginx/ssl/server.key" 2048
openssl req -new \
-key "/etc/nginx/ssl/server.key" \
-out "/etc/nginx/ssl/server.csr"
openssl x509 -req -days 365 \
-in "/etc/nginx/ssl/server.csr" \
-signkey "/etc/nginx/ssl/server.key" \
-out "/etc/nginx/ssl/server.crt"
chmod 600 *
cd /usr/share/nginx/html
rm -rf *
# ,
cat >/etc/nginx/conf.d/default.conf<<EOF
server{
listen 10194;
ssl on;
ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
# ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
server_name wget.vincent.com;
location / {
root /usr/share/nginx/html;
autoindex on;
autoindex_exact_size off;
autoindex_localtime on;
}
}
upstream nexus {
server 192.168.77.110:8080;
# server IP2:PORT2 weight=10;
}
server{
listen 10194;
ssl on;
ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
# ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
server_name nexus.vincent.com;
location / {
proxy_pass http://nexus;
index index.html index.htm;
}
}
upstream gitlab {
server 192.168.77.100;
# server IP2:PORT2 weight=10;
}
server{
listen 10194;
ssl on;
ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
# ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
server_name gitlab.vincent.com;
location / {
proxy_pass http://gitlab;
index index.html index.htm;
}
}
EOF
systemctl restart nginx
# :
# hosts , , https
[TOC]
좋은 웹페이지 즐겨찾기
