Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

增加Apache https监听,解决Nginx反向代理出现的Mixed-Content问题 #39

Merged
merged 4 commits into from
Mar 5, 2024
Merged

增加Apache https监听,解决Nginx反向代理出现的Mixed-Content问题 #39

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
6d3a7f2
增加SSL配置(已测试,附带自签名证书),解决Nginx反向代理出现的Mixed-Content问题
HisAtri Mar 3, 2024
41ad9e4
更新readme
HisAtri Mar 3, 2024
9f8fb6e
更新Nginx配置
HisAtri Mar 3, 2024
df0da24
no message
HisAtri Mar 3, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
12 changes: 12 additions & 0 deletions 000-default.conf.template
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,4 +27,16 @@
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>

<VirtualHost *:${HTTPS_PORT}>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html/public

SSLEngine on
SSLCertificateFile "/etc/ssl/certs/ssl-cert-snakeoil.pem"
SSLCertificateKeyFile "/etc/ssl/private/ssl-cert-snakeoil.key"

ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
7 changes: 7 additions & 0 deletions Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,9 @@ FROM php:8.1-apache
# 安装相关拓展
ADD https://github.com/mlocati/docker-php-extension-installer/releases/latest/download/install-php-extensions /usr/local/bin/

# 开启SSL
RUN a2enmod ssl && a2ensite default-ssl

RUN apt-get update && \
apt-get install -y gettext && \
apt-get clean && rm -rf /var/cache/apt/* && rm -rf /var/lib/apt/lists/* && rm -rf /tmp/* && \
Expand Down Expand Up @@ -52,14 +55,18 @@ RUN apt-get update && \
chown -R www-data:root /var/www; \
chmod -R g=u /var/www

COPY ./ssl /etc/ssl

COPY --from=build /build /var/www/lsky/
COPY ./000-default.conf.template /etc/apache2/sites-enabled/
COPY ./ports.conf.template /etc/apache2/
COPY entrypoint.sh /
WORKDIR /var/www/html/
VOLUME /var/www/html
ENV WEB_PORT 8089
ENV HTTPS_PORT 8088
EXPOSE ${WEB_PORT}
EXPOSE ${HTTPS_PORT}
RUN chmod a+x /entrypoint.sh
ENTRYPOINT ["/entrypoint.sh"]
CMD ["apachectl","-D","FOREGROUND"]
31 changes: 31 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,37 @@ docker run -d \
halcyonazure/lsky-pro-docker:latest
```

### 如果要使用Nginx反向代理配置HTTPS,则使用HTTPS访问容器

```docker
docker run -d \
--name lsky-pro \
--restart unless-stopped \
-p 8088:8088 \
-p 8089:8089 \
-v $PWD/lsky:/var/www/html \
-e HTTPS_PORT=8088 \
-e WEB_PORT=8089 \
halcyonazure/lsky-pro-docker:latest
```

Nginx配置文件示例:

```nginx
location ^~ /
{
proxy_pass https://127.0.0.1:8088;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_http_version 1.1;
}
```


## 环境变量

目前该容器只有一个环境变量:`WEB_PORT`,用于指定容器内的`Apache`监听的端口,默认为`8089`,如果需要修改的话可以在启动容器时添加`-e WEB_PORT=8089`来指定端口
Expand Down
5 changes: 3 additions & 2 deletions entrypoint.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,10 @@
set -eu

WEB_PORT=${WEB_PORT:-8089}
HTTPS_PORT=${HTTPS_PORT:-8088}

envsubst '${WEB_PORT}' < /etc/apache2/sites-enabled/000-default.conf.template > /etc/apache2/sites-enabled/000-default.conf
envsubst '${WEB_PORT}' < /etc/apache2/ports.conf.template > /etc/apache2/ports.conf
envsubst '${WEB_PORT} ${HTTPS_PORT}' < /etc/apache2/sites-enabled/000-default.conf.template > /etc/apache2/sites-enabled/000-default.conf
envsubst '${WEB_PORT} ${HTTPS_PORT}' < /etc/apache2/ports.conf.template > /etc/apache2/ports.conf

if [ ! -e '/var/www/html/public/index.php' ]; then
cp -a /var/www/lsky/* /var/www/html/
Expand Down
3 changes: 2 additions & 1 deletion ports.conf.template
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1 +1,2 @@
Listen ${WEB_PORT}
Listen ${WEB_PORT}
Listen ${HTTPS_PORT}
21 changes: 21 additions & 0 deletions ssl/certs/ssl-cert-snakeoil.pem
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
-----BEGIN CERTIFICATE-----
MIIDfzCCAmegAwIBAgIQAPswwfdmDX4jTX2IfdDGyzANBgkqhkiG9w0BAQsFADAU
MRIwEAYDVQQDDAlsb2NhbGhvc3QwHhcNMjQwMzAzMTczODE0WhcNMzQwMzAxMTcz
ODE0WjAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCHwn/ZLxS1L795z1aAfL2GHKLZ9AWqd7bl0tKxhyTMPEk4XbgU
KB7IbkZPqDyjRgWj3QtUCQUpvbhOHpe4PzZHG5XF1NsNlynNT+iCSKSqbSzLjy0f
eMjyfw4pMeSbK/ez7VgZ/9HGjUwrWkzAsSWUsVUdCTTDsoOGCmYm9p/RFS5YdiLs
DWUaedMqQeGsaMyizdCiZJaRg+lrn1VNdjQaFtSEJQEHa5tlppUiwLeHuehIoBR7
9dJkhotrb4dnc5Dc2fa6Zs8x0lEt1uz+s7KtGvaFg5PfvjOa+mcDiRuJRn9OqGlM
78M2flaCzx7mXVqyi13fsmrGGw046m7GBHFDAgMBAAGjgcwwgckwLAYDVR0RBCUw
I4cEfwAAAYIJbG9jYWxob3N0hxAAAAAAAAAAAAAAAAAAAAABMB0GA1UdDgQWBBSs
cnP3TAZMPW7x2Lns4t85XLQFATAOBgNVHQ8BAf8EBAMCBLAwDAYDVR0TAQH/BAIw
ADA7BgNVHSUENDAyBggrBgEFBQcDAgYIKwYBBQUHAwEGCCsGAQUFBwMDBggrBgEF
BQcDBAYIKwYBBQUHAwgwHwYDVR0jBBgwFoAUrHJz90wGTD1u8di57OLfOVy0BQEw
DQYJKoZIhvcNAQELBQADggEBAHF9Fx3vbqSdE3N6SeHM6Q77C61m3o/8ZF3kl70E
za/mKZioYKOyFGnDKMb9RDpDBufReiUSJS+PJkS/wRHROuYToclxBnhh/7UImfkW
XqNDB44MR4kMyotQ+/kKEeFCxJUqjguP+/NWO8PVnQIQILPjH0/AUaGHvqUwzyKl
U8IO6zluwoV0iBFbJ1b5qQo19Y6ZHGIRBoGs2ovpcsYvXI9qWLIoLmSnkzqU1iQ1
ITLP1lVJh9J7SYoi/aI28Ssk1F6BagPv2DmQ9rPzvcjmL4+5guhWX3TrSv7HDnvm
NusWDVIcPcIquFhe7sKe71laIn41CXdZbOQZDmau7wTNfKo=
-----END CERTIFICATE-----
28 changes: 28 additions & 0 deletions ssl/private/ssl-cert-snakeoil.key
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCHwn/ZLxS1L795
z1aAfL2GHKLZ9AWqd7bl0tKxhyTMPEk4XbgUKB7IbkZPqDyjRgWj3QtUCQUpvbhO
Hpe4PzZHG5XF1NsNlynNT+iCSKSqbSzLjy0feMjyfw4pMeSbK/ez7VgZ/9HGjUwr
WkzAsSWUsVUdCTTDsoOGCmYm9p/RFS5YdiLsDWUaedMqQeGsaMyizdCiZJaRg+lr
n1VNdjQaFtSEJQEHa5tlppUiwLeHuehIoBR79dJkhotrb4dnc5Dc2fa6Zs8x0lEt
1uz+s7KtGvaFg5PfvjOa+mcDiRuJRn9OqGlM78M2flaCzx7mXVqyi13fsmrGGw04
6m7GBHFDAgMBAAECggEAAmHZWHhJBrzlwT9wJyUJNlc+TFDJ4KnlHbdLVy4l6SeN
qV2Lo17o21+EAFXVapAJ/UwdrMXTv13C5CwJQYRqcWj8gdIwXdavNxkV3WNk8FCm
HpROmGTIMekk2Hg1qLtmx1N83kfs6G0GTyRwgFkbbbaG5dGJiX2SbUG1dS2StFqC
Pk7TATU3m4cXoZCLUhuLhAeDJYAOnbeR3JLLi8DdLooaX7TmQidOvKioUzjhQmGq
DBzdB0xjiAyA4oMB6JPPqWZBAtFMRpWdZb9UouwaKpNT8MH4COi5FUkp8xwyP+QZ
Psq7gGatliPL481Tqm+u9gqPwzkR8c2AJ+CPwyb/QQKBgQDEzfmP+/bSz0GTmmBw
m3gbFk0yFyXxAuPX5Xv5lnGuc8wAetD7jVy+YEK4zIMgfLHRhKt5Vn/rHHWZ9ywD
LytnuU/tQuzA6ZZpDfUgNXO+Y/ZTAGT2ntmF/WSqRtY8ddhRB/O1UesJfrZMSg/e
ZSElY60/UKxluRsnvpBz3YU9MwKBgQCwmAz6OJv0hWMtKXEMv0XQXRSdbZeqD0Bw
xMSAGcPB4wBGDfEw36oLxr/NOex0CQuOIiOLhxfHIOEY2j4UkA1WugqdClRqBevF
iiB9eywfUij534TWfbgofl1dZktHPMIS63D29L7UP7XHh0ebYcUGLSMr9pLkzQMF
rA5fl0xbsQKBgQC6ugdwUotkhxrcFhwsm4YAhU9nGEl6e9h8DpNrQw/HirzjM6Q3
GHAHfUOxHPHJECaS+ULM1IJ4K790/uy2dLnFJzErl1UU0ExSjtil37Fa0nNzWytw
R1Vx6PLrEFzSbql4cIgN4JSVpLEIfzjBNMiXNhS5vyxjM5cNRaS/Gk4BuwKBgQCU
ExsmoVscAND1aH9zydrXaYVEsEVxApLtPADszS3ZIOf01fH9Ij6q2z+u7Tf44DDB
QJz/fQqSHV7CARX3FgcpRpxpq+S2djqJjFXMAgEwTisvwp3XYNmPks3k6EaM+ERf
qu4xFW4B+V4KbcO8ZZHYqPaKAZqQods74Va4DtynMQKBgAUeuDayZTDia4bOaP6B
o6EquVRcCQbEWAzSvCpGDw3zzuP6xU8X0foH7BQ6tpxNkjOVDh9/HFjmPOe8xS4E
feqz2SJvNCoghBcUebrCmBT6IpS/34dlqFfVO1hJSRwl+U0c2DD4l7I3966/jx2C
y4gbcDHzbOtxKCVmAtLj0YPs
-----END PRIVATE KEY-----