implement https on nginx config file

问题

I have a single page application written with vuejs and i want to deploy the application using digitalocean, nginx and docker

my question is, what do i need to add to the config file/docker file to make that the app will use https and not http? (i'm going to use self signed certificates)

yes, i searched the question already, but nothing seems to work with that template.

also, the backend for this app is nodejs with express that will be on different container on the same digital ocean server

Im using the docker file template from vue docs:

dockerfile:

# build stage
FROM node:9.11.1-alpine as build-stage
WORKDIR /app
COPY package*.json ./
RUN npm install
COPY . .
RUN npm run build

# production stage
FROM nginx:1.13.12-alpine as production-stage
COPY --from=build-stage /app/dist /usr/share/nginx/html
EXPOSE 80
CMD ["nginx", "-g", "daemon off;"]

nginx.conf:

user  nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf;
}

Thanks.

回答1:

Just copy SSL and conf during build time keep both in configs/nginx/ in the root of your docker file

# build stage
FROM node:9.11.1-alpine as build-stage
WORKDIR /app
COPY package*.json ./
RUN npm install
COPY . .
RUN npm run build

COPY configs/nginx/conf.d/ /etc/nginx/conf.d/
COPY configs/nginx/nginx.conf /etc/nginx/nginx.conf
COPY configs/nginx/ssl/ /etc/nginx/ssl/
RUN rm -rf /etc/nginx/conf.d/default.conf
# production stage
FROM nginx:1.13.12-alpine as production-stage
COPY --from=build-stage /app/dist /usr/share/nginx/html
EXPOSE 80
CMD ["nginx", "-g", "daemon off;"]

your nginx.conf

#test comment4
user  nginx;
daemon off;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  120;

    gzip  on;

    include /etc/nginx/conf.d/*.conf;
}

/etc/nginx/conf.d/mydoamin.com

server {
        listen          80;
        server_name     mydomain.com default_server;
        add_header 'Cache-Control' 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
        expires off;
        return  301     https://$server_name$request_uri;
}
server {
        listen 443 ssl;
        server_name mydomain.com;
        client_max_body_size 32M;
        add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";

        ssl_certificate      /etc/nginx/ssl/mydomain.bundle.crt;
        ssl_certificate_key  /etc/nginx/ssl/mydomain.com.key;

  root "/usr/share/nginx/html";
  index index.html index.htm index.php; #####fruther config####
  }

So update command will be

 docker run -it --add-host boomerb2b.com:192.168.1.23 -p 443:443 -p 80:80 --rm --name app nginx-ssl:latest

Also, add value at /etc/hosts if not resolving domain

vim /etc/hosts/ 
192.168.1.23 boomerb2b.com

来源：https://stackoverflow.com/questions/52376292/implement-https-on-nginx-config-file